Define authorization boundaries

  • Release version: Washingtondc
  • Updated August 1, 2024
  • 1 minute to read

    • An authorization boundary defines the scope of a particular system that can be continuously managed and monitored using the CAM application.

    Before you begin

    Role required: sn_irm_cont_auth.system_owner or sn_irm_cont_auth.admin

    Procedure

    1. Navigate to All > Continuous Authorization & Monitoring > All Authorization Boundaries.
      All authorization boundaries
    2. Click New.
      Authorization boundary - new record
    3. On the form, fill in the fields.
      Table 1. Authorization Boundary
      Field Description
      Name A name for this boundary.
      Description A description for this boundary.
      Operational status The operational status:
      • Under development
      • Reauthorize
      • Operational
      • Decommissioned
      Mission critical The boundary is mission critical if selected.
      System owner The individual responsible for procuring, developing, integrating, modifying, operating, and maintaining an information system.
      Information owners The individuals responsible for statutory, management, and operational authority.
      System users The users responsible for performing the actual work on the system.
      Diagrams If needed, or if you do not have a CMDB, add data flow, network, and boundary diagrams.
    4. Save the record.

      The following tabs appear. Use these tabs to identify what systems and parts of systems you own and should go through the authorization process.

      Boundary tabs
    5. You can use the Boundary Filters tab to create filters for identifying all of your system elements.
      After running the filters, the results appear in the System Elements tab.
    6. If elements appear that should not be included in the authorization process, you can select them, and select Delete from the Actions on selected rows list at the bottom of the screen.
    7. You can click Add to include additional assets or systems to the list of system elements in the authorization boundary.

    What to do next

    This completes the procedure for defining your authorization boundary. The next step is to create the authorization package that will be processed through approvals. You can initiate the process by clicking the Authorization Packages tab or via the navigation pane. For details, see Create an authorization package.