What completes the acronym C&A in the context described?

Prepare for the FISMA Interview Test. Get familiar with key topics and enhance your knowledge with flashcards and multiple-choice questions. Study effectively and be ready for your exam!

Multiple Choice

What completes the acronym C&A in the context described?

Explanation:
In this context, C&A means Certification and Accreditation—the formal process used to obtain authorization to operate a system. Certification is the independent assessment that security controls are properly implemented and operating as intended. Accreditation is the formal approval by an authorizing official to operate the system, based on the certification results and the accepted level of risk. This pair is the standard terminology in federal information security (FISMA/NIST RMF) for moving a system from development to live operation: you first verify the controls (certification), then you grant official permission to operate (accreditation). The other phrases don’t represent the established process used in this framework.

