Common use of Security Assessment Clause in Contracts

Security Assessment. NIST Special Publication 800-37, Revision 1, encourages agencies to accept each other's security assessments in order to reuse information system resources and/or to accept each other's assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the Parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either Party at any time throughout the duration or any renewal of this CMA.

Security Assessment. NIST Special Publication 800-37, Revision 1as revised, encourages agencies to accept each other's ’s security assessments assessment in order to reuse information system resources and/or to accept each other's ’s assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the Parties parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either Party party at any time throughout the duration or any renewal extension of this CMAagreement.

Security Assessment. NIST Special Publication 800-37, Revision 1, encourages agencies to accept each other's security assessments in order to reuse information system resources and/or to accept each other's assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the Parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either Party at any time throughout the duration or any renewal of this CMAAgreement.

Security Assessment. NIST Special Publication 800-37, Revision 1as revised, encourages agencies to accept each other's ’s security assessments assessment in order to reuse information system resources and/or to accept each other's ’s assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the Parties parties agree to make available to each other other, upon request request, system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either Party party at any time throughout the duration or any renewal extension of this CMAagreement.

Security Assessment. NIST Special Publication 800-37, Revision 1, encourages agencies to accept each other's security assessments in order to reuse information system resources and/or to accept each other's assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best isbest achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the Parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either Party at any time throughout the duration or any renewal of this CMA.

Security Assessment. NIST Special Publication 800-37, Revision 12, encourages agencies to accept each other's security assessments in order to reuse information system resources and/or to accept each other's assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the Parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either Party at any time throughout the duration or any renewal of this CMAAgreement.