💼 SA-9(1) External System Services | Risk Assessments and Organizational Approvals

• Contextual name: 💼 SA-9(1) External System Services | Risk Assessments and Organizational Approvals
• ID: /frameworks/nist-sp-800-53-r5/sa/09/01
• Located in: 💼 SA-9 External System Services

Description

(a) Conduct an organizational assessment of risk prior to the acquisition or outsourcing of information security services; and (b) Verify that the acquisition or outsourcing of dedicated information security services is approved by [Assignment: organization-defined personnel or roles].

Similar

• Internal
  • ID: dec-c-86faef7d

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 SA-9(1) Risk Assessments and Organizational Approvals (M)(H)

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags