💼 SA-9(1) Risk Assessments and Organizational Approvals (M)(H)

ID: /frameworks/fedramp-moderate-security-controls/sa/09/01

Description

(a) Conduct an organizational assessment of risk prior to the acquisition or outsourcing of information security services; and

(b) Verify that the acquisition or outsourcing of dedicated information security services is approved by [Assignment: organization-defined personnel or roles].

Similar

Sections
- /frameworks/fedramp-high-security-controls/sa/09/01
Internal
- ID: dec-c-d80bb49b

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP High Security Controls → 💼 SA-9(1) Risk Assessments and Organizational Approvals (M)(H)					no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Take Policies From)​

Sub Sections​

Description

Similar

Similar Sections (Take Policies From)

Sub Sections