External Information System Service

February 21, 2018

How Can We Help?

You are here:
< Back

An information system service that is implemented outside of the authorization boundary of the organizational information system (i.e., a service that is used by, but not a part of, the organizational information system) and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.
SOURCE: SP 800-53; SP 800-37; CNSSI-4009