Conditions For Ongoing Authorization

  • Federal government wants to move from a static, point in time authorization process to a dynamic, near real-time ongoing authorization process
  • Condition to implement OA
    • Initial authorization needs to be completed
    • The organization needs to develop an Information Security 
      Continuous Monitoring (ISCM) strategy)
  • Ongoing authorization decision for a system needs to be formally documented by the authorization official (Example within the ATO)
error: Content is protected !!