The IT Law Wiki

External information system

32,576pages on
this wiki
Add New Page
Talk0 Share

Definition Edit

An external information system is

an information system or component of an information system that is outside of the authorization boundary established by a government organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.[1]

Overview Edit

NIST Special Publication 800-37 and NIST Special Publication 800-53 provide additional guidance on external information systems and the effect of employing security controls in those types of environments.

References Edit

  1. NIST Special Publication 800-53, App. B, Glossary. Note: The term external should not be interpreted as or equated to meaning physically external. A distributed system will have elements that are physically/geographically distributed while being logically within the same authorization boundary. NIST Special Publication 800-160, at B-5.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.