External Information System or Component

nouncandidate·updated May 9, 2026

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

An information system or component of an information system that is outside of the authorization boundary established by the organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.

Framework senses

4 senses across 4 frameworks

NISTIR 7298: Glossary of Key Information Security Terms, Revision 21 senseview framework →

§1: An information system or component of an information system that is outside of the authorization boundary established by the organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.

CNSSI-4009 (Glossary of Information Assurance Terms)1 senseview framework →

§1: An information system or component of an information system that is outside of the authorization boundary established by the organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.

NIST SP 800-531 senseview framework →

§1: An information system or component of an information system that is outside of the authorization boundary established by the organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.

NIST SP 800-371 senseview framework →

§1: An information system or component of an information system that is outside of the authorization boundary established by the organization and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.