ISC2 Governance, Risk and Compliance (CGRC) Practice Question
While updating the System Security Plan for a federal agency's new asset-management platform, you learn it will exchange real-time inventory data with two external partner systems through a secured API gateway. Which document should you cite to detail the technical safeguards, required encryption, and each party's responsibilities for these interconnections?
An Interconnection Security Agreement (ISA) is the formal document prescribed by NIST SP 800-47 and referenced in NIST SP 800-18 for any connection between two information systems. The ISA spells out the technical interface characteristics, security controls (for example, encryption and authentication methods), and delineates the responsibilities of each party for operating and securing the shared interface. A Memorandum of Agreement (MOA) or MOU describes high-level roles and intentions but lacks detailed security control specifications. A Service Level Agreement focuses on performance and service metrics, not security safeguards for data exchanges. A Privacy Impact Assessment addresses personal data handling risks rather than defining the technical and security requirements of system interconnections. Therefore, documenting the API links in an ISA is the correct action.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an Interconnection Security Agreement (ISA) and why is it essential for system interconnections?
Open an interactive chat with Bash
How does an ISA differ from a Memorandum of Agreement (MOA) or Memorandum of Understanding (MOU)?
Open an interactive chat with Bash
What role does encryption play in an ISA, and what are common encryption methods it specifies?
Open an interactive chat with Bash
ISC2 Governance, Risk and Compliance (CGRC)
Scope of the System
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .