Task ID: T0221

Task Description: Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.

Work Roles with this Task:

• Work Role ID: SP-RSK-001
  Work Roles: Authorizing Official/Designating Representative
  Work Role Description: Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).
  Category: Securely Provision
  Specialty Area(s): Risk Management
• Work Role ID: SP-RSK-002
  Work Roles: Security Control Assessor
  Work Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
  Category: Securely Provision
  Specialty Area(s): Risk Management