Security Control Inheritance

Security Control Inheritance definition in Computer Security terms:

Acronym(s): None

Definition(s): A situation in which an information system or application receives protection from security controls (or portions of security controls) that are developed, implemented, and assessed, authorized, and monitored by entities other than those responsible for the system or application; entities either internal or external to the organization where the system or application resides. See common control.
Source(s): CNSSI 4009-2015 (NIST SP 800-53A Rev. 1)

Common Control.
Source(s): NIST SP 800-137 (CNSSI 4009)

A situation in which an information system or application receives protection from security controls (or portions of security controls) that are developed, implemented, assessed, authorized, and monitored by entities other than those responsible for the system or application; entities either internal or external to the organization where the system or application resides. See Common Control.
Source(s): NIST SP 800-37 Rev. 1
NIST SP 800-39 (CNSSI 4009)
NIST SP 800-53 Rev. 4 (CNSSI 4009)
NIST SP 800-53A Rev. 4

A situation in which an information system or application receives protection from security controls (or portions of security controls) that are developed, implemented, assessed, authorized, and monitored by entities other than those responsible for the system or application; entities either internal or external to the organization where the system or application resides.
Source(s): NIST SP 800-30 (CNSSI 4009)

Synonym(s): Common Control
A security control that is inherited by one or more organizational information systems.
Source(s): CNSSI 4009-2015
NIST SP 800-137
NIST SP 800-37 Rev. 1
NIST SP 800-30

A security control that is inherited by one or more organizational information systems. See Security Control Inheritance.
Source(s): NIST SP 800-39

A security control that is inheritable by one or more organizational information systems. See Security Control Inheritance.
Source(s): NIST SP 800-53 Rev. 4

 

reference: CSRC Glossary