Definition Edit

An external information system is

an information system or component of an information system that is outside of the authorization boundary established by a government organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.[1]

Overview Edit

NIST Special Publication 800-37 and NIST Special Publication 800-53 provide additional guidance on external information systems and the effect of employing security controls in those types of environments.

References Edit

  1. NIST Special Publication 800-53, App. B, Glossary. Note: The term external should not be interpreted as or equated to meaning physically external. A distributed system will have elements that are physically/geographically distributed while being logically within the same authorization boundary. NIST Special Publication 800-160, at B-5.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.