Suggested Answer:referred as approving/accrediting authority (DAA) or the Principal Approving Authority (PAA). Answer: C is incorrect. The system owner has the responsibility of🗳️
The authorizing official is the senior manager responsible for approving the working of the information system. He is responsible for the risks of operating the information system within a known environment through the security accreditation phase. In many organizations, the authorizing official is also informing the key officials within the organization of the requirements for a security C&A of the information system. He makes the resources available, and responsibilities of an Information System Security Officer (ISSO) are as follows: Manages the security of the information system that is slated for Certification & Accreditation (C&A). Insures the information systems configuration with the agency's information security policy. Supports the information system owner/ information owner for the completion of security-related responsibilities. Takes part in the formal configuration management process. Prepares Certification & information security program functions.
The System Owner is responsible for accepting or rejecting the residual risk associated with a system from an ISC2 CSSLP perspective.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
74gjd_37
5 months, 2 weeks ago