Fedramp system Security Plan (ssp) High Baseline Template

CA-6 Security Authorization (L) (M) (H)

Download 1.2 Mb.

Page	141/478
Date	16.12.2020
Size	1.2 Mb.
	#54609

1 ... 137 138 139 140 141 142 143 144 ... 478

FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

CA-6c Additional FedRAMP Requirements and Guidance: Guidance
CA-6 What is the solution and how is it implemented Part a

CA-6 Security Authorization (L) (M) (H)

The organization:

Assigns a senior-level executive or manager as the authorizing official for the information system;
Ensures that the authorizing official authorizes the information system for processing before commencing operations; and
Updates the security authorization [FedRAMP Assignment: in accordance with OMB A-130 requirements or when a significant change occurs].

CA-6c Additional FedRAMP Requirements and Guidance:

Guidance: Significant change is defined in NIST Special Publication 800-37 Revision 1, Appendix F (SP 800-37). The service provider describes the types of changes to the information system or the environment of operations that would impact the risk posture. The types of changes are approved and accepted by the JAB/AO.

CA-6	Control Summary Information
Responsible Role:
Parameter CA-6 (c):
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

CA-6 What is the solution and how is it implemented?
Part a
Part b
Part c

Download 1.2 Mb.

Share with your friends:

1 ... 137 138 139 140 141 142 143 144 ... 478