ISC2 Governance, Risk and Compliance (CGRC) Practice Question
After the authorizing official signs the Authorization Decision Document for a new federal information system, the Information System Security Officer drafts a distribution list for the notification. Which of the following parties would NOT normally be considered a key stakeholder who must receive this formal notice of compliance status?
Chief Information Officer (CIO) or senior agency information security officer
System owner
Risk executive (function)
Facility plant manager responsible for building maintenance
NIST RMF states that the authorization decision must be provided to officials who have direct governance or operational responsibility for the system, including the system owner, the risk executive (function), and senior IT/security leadership such as the CIO or senior agency information security officer. A facility plant manager responsible solely for building maintenance does not have direct responsibility for the system's risk posture and is therefore not a required recipient. Thus, the plant-manager option is correct and the other choices are incorrect.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the role of the authorizing official in the NIST Risk Management Framework (RMF)?
Open an interactive chat with Bash
What is meant by 'stakeholders with direct governance or operational responsibility'?
Open an interactive chat with Bash
What is the purpose of the Authorization Decision Document in the RMF process?
Open an interactive chat with Bash
ISC2 Governance, Risk and Compliance (CGRC)
System Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .