Security Assessments. NIST Special Publication 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreement.
Appears in 2 contracts
Samples: Computer Matching Agreement, Computer Matching Agreement
Security Assessments. NIST Special Publication (SP) 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST SP 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreement.
Appears in 1 contract
Samples: Computer Matching Agreement
Security Assessments. The NIST Special Publication SP 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST SP 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreementAgreement.
Appears in 1 contract
Samples: Computer Matching Agreement
Security Assessments. The NIST Special Publication 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreementAgreement.
Appears in 1 contract
Samples: Computer Matching Agreement
Security Assessments. NIST Special Publication (SP) 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST SP 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreementAgreement.
Appears in 1 contract
Samples: Computer Matching Agreement
Security Assessments. The NIST Special Publication 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree (subject to reasonable assurances of confidentiality and security) to make available to each other other, upon request request, system security evidence security for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreementAgreement.
Appears in 1 contract
Samples: Computer Matching Agreement
Security Assessments. NIST Special Publication (SP) 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST SP 800-37 further encourages indicates that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreement.
Appears in 1 contract
Samples: Computer Matching Agreement
Security Assessments. The NIST Special Publication 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreement.
Appears in 1 contract
Samples: Computer Matching Agreement