System Authorization Plan Phases
Question
System Authorization is the risk management process.
System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process.
What are the different phases of System Authorization Plan? Each correct answer represents a part of the solution.
Choose all that apply.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E.ABDE.
The System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process, which is the risk management process. The SAP is a documented plan that outlines the phases of the System Authorization Process, which includes the following:
A. Pre-certification: In this phase, the system owner or designated representative prepares the system for certification. This includes identifying the security controls and documenting how they are implemented and managed.
B. Certification: In this phase, the system is evaluated to ensure that it meets the established security requirements. The certification process includes testing and evaluating the system's security controls and documenting the results.
C. Post-certification: In this phase, the system is prepared for authorization. This includes addressing any deficiencies identified during the certification process and updating the security plan and associated documentation.
D. Authorization: In this phase, the authorizing official reviews the security plan and the results of the certification process and makes a decision to authorize the system to operate.
E. Post-Authorization: In this phase, the system is monitored to ensure that it continues to meet the established security requirements. This includes ongoing security testing, evaluation, and risk management.
It is important to note that the SAP is not a linear process, and the phases may be repeated as necessary to ensure that the system continues to meet the established security requirements.
