Common Control Provider

An organizational official responsible for the development, implementation, assessment, and monitoring of common controls (i.e., security controls inherited by information systems).
SOURCE: SP 800-37; SP 800-53A