The authorization of an IT system to process,store,or transmit information.
A)accreditation
B)baseline
C)benchmarking
D)certification
E)due diligence
F)best security practices
G)recommended business practices
H)standard of due care
I)performance measurements
J)NIST SP 800-37

Question

Quizplus · Accepted Answer

Accreditation is the process of evaluating the security controls of an IT system to ensure that they meet the established set of security requirements. Once the system is found compliant, it receives formal authorization to process, store, or transmit information.

Answer: D
 Certification is the process of assessing the security features of an IT system against a set of predefined criteria, such as security standards, guidelines, or best practices. Once the system meets the criteria, it is officially certified as secure.

Answer: J
 NIST SP 800-37 is a guideline from the National Institute of Standards and Technology (NIST) that outlines a risk management framework for federal IT systems. The guideline includes a step-by-step process for assessing, implementing, and monitoring security controls, which can ultimately lead to formal authorization or accreditation of the system.

The Authorization of an IT System to Process,store,or Transmit Information