{"id":1107,"date":"2024-07-16T21:25:00","date_gmt":"2024-07-16T21:25:00","guid":{"rendered":"https:\/\/www.tarleton.edu\/security-controls-catalog\/?page_id=1107"},"modified":"2024-09-06T21:27:31","modified_gmt":"2024-09-06T21:27:31","slug":"ca-6-authorization","status":"publish","type":"page","link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/assessment-authorization-and-monitoring-ca\/ca-6-authorization\/","title":{"rendered":"CA-6: Authorization"},"content":{"rendered":"\n<h1 class=\"wp-block-heading has-large-font-size\">CA-6: Authorization<\/h1>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>NIST Baseline: &nbsp;<\/strong>Low&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Privacy Baseline:<\/strong> &nbsp;Yes&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>DIR Required By: &nbsp;<\/strong>07\/20\/2023&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Review Date: &nbsp;<\/strong>06\/26\/2024&nbsp;<\/h2>\n\n\n\n<p>The Tarleton Chief Information Officer (CIO) has delegated authorization to operate Tarleton information resources to information resource owners and other applicable leadership within the Office of Innovative Technology Solutions (OITS).&nbsp;&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list its-nested-list\">\n<li>Information resource owners or their designees are responsible for ensuring that authorized resources satisfy business needs.&nbsp;&nbsp;<\/li>\n\n\n\n<li>The information resource owners will assist the relevant ITS personnel in helping ensure that authorized resources comply with security, privacy, and accessibility laws and policies.&nbsp;&nbsp;<\/li>\n\n\n\n<li>An information resource owner must be identified for each information system.&nbsp;\n<ul class=\"wp-block-list\">\n<li>Information resource owners are accountable for security, privacy, and accessibility risks associated with the operation and use of the information systems under their authority.&nbsp;&nbsp;<\/li>\n\n\n\n<li>The information resource owner, with assistance from applicable OITS personnel, including, but not limited to Tarleton\u2019s Chief Information Security Officer (CISO), is responsible for ensuring that the applicable authorizing official has approved the information system before beginning operation and when major changes are made to the information system, as needed.&nbsp;<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\">References\/Additional Resources<\/h3>\n\n\n\n<p>None.&nbsp; See any applicable internal procedures.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CA-6: Authorization NIST Baseline: &nbsp;Low&nbsp; Privacy Baseline: &nbsp;Yes&nbsp; DIR Required By: &nbsp;07\/20\/2023&nbsp; Review Date: &nbsp;06\/26\/2024&nbsp; The Tarleton Chief Information Officer (CIO) has delegated authorization to operate Tarleton information resources to &#8230;<\/p>\n","protected":false},"author":1,"featured_media":580,"parent":788,"menu_order":6,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"class_list":["post-1107","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"coauthors":[],"author_meta":{"author_link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/author\/brian-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-3\/","display_name":"brian"},"relative_dates":{"created":"Posted 2 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on July 16, 2024","modified":"Updated on September 6, 2024"},"absolute_dates_time":{"created":"Posted on July 16, 2024 9:25 pm","modified":"Updated on September 6, 2024 9:27 pm"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/comments?post=1107"}],"version-history":[{"count":0,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1107\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/788"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/media?parent=1107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}