The IT Law Wiki

External information system service

32,068pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

An external information system service is

[a]n information system service that is implemented outside of the authorization boundary of the organizational information system (i.e., a service that is used by, but not a part of, the organizational information system) and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.[1]

References Edit

  1. NIST Special Publication 800-53, App. B, Glossary.

Also on Fandom

Random Wiki