PM-10: Authorization Process

An OSCAL Control

Statement

a.
Manage the security and privacy state of organizational systems and the environments in which those systems operate through authorization processes;
b.
Designate individuals to fulfill specific roles and responsibilities within the organizational risk management process; and
c.
Integrate the authorization processes into an organization-wide risk management program.