Fields on the Roles and Responsibilities tab
On the Roles and Responsibilities tab, you specify the responsibilities of various stakeholders during the review and approval process.
Fields on the Roles and Responsibilities tab
CAM roles that are required for particular tasks are listed in CAM user roles.
| User / Role | Description |
|---|---|
| System owner | The individual responsible for procuring, developing, integrating, modifying, operating, and maintaining an information system. |
| Authorizing Official (AO) | The individual responsible for accepting an information system into an operational environment at a known risk level. Typically, this person is at the CISO or deputy CISO level. |
| Authorizing Official Designated Representatives (AODR) | One or more AODRs. |
| Security Control Assessors (SCA) | The individuals responsible for conducting a thorough assessment of the controls of an information system. |
| Information System Security Managers (ISSM) | The individuals responsible for conducting information system security management activities as designated by the ISSO. |
| Information System Security Officers (ISSO) | The individuals responsible for ensuring that the appropriate operational security posture is maintained for an information system. |
| Information owners | The individuals responsible for statutory, management, and operational authority. |
| System users | The users responsible for performing the actual work on the system. |