Approval To Operate (C.F.D.) definition in Computer Security terms:
Definition(s): The official management decision issued by a designated accrediting authority (DAA) or principal accrediting authority (PAA) to authorize operation of an information system and to explicitly accept the residual risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals.
Source(s): CNSSI 4009-2015
reference: CSRC Glossary