Authorization Tasks - morgan-hanrahan/Tech-Journal GitHub Wiki

Provides a summary of tasks and expected outcomes for the RMF Authorize step

1. Authorization Package - The authorizing official is provided with an authorization packet.

2. Risk Analysis and Determination - The authorized official makes a risk decision that takes into account the risk management plan, including risk tolerance.

3. Risk Response - There are provided risk responses for identified risks.

4. Authorization Decision - The system's or the common controls' authorization is accepted or rejected.

5. Authorization Reporting - Organizational officials are informed of authorization choices, critical vulnerabilities, and hazards.