APPENDIX C

ACRONYMS

COMMON ABBREVIATIONS

CIO
Chief Information Officer

CNSS
Committee on National Security Systems

CNSSI
Committee on National Security Systems Instruction

CNSSP
Committee on National Security Systems Policy

CUI
Controlled Unclassified Information

DoD
Department of Defense

EO
Executive Order

FedRAMP
Federal Risk and Authorization Management Program

FIPS
Federal Information Processing Standards

FISMA
Federal Information Security Modernization Act

FOCI
Foreign Ownership, Control, or Influence

GRC
Governance Risk Compliance

GSA
General Services Administration

IEC
International Electrotechnical Commission

IEEE
Institute of Electrical and Electronics Engineers

ISCM
Information Security Continuous Monitoring

IT
Information Technology

IR
Internal Report or Interagency Report

ISO
International Organization for Standardization

NARA
National Archives and Records Administration

NIST
National Institute of Standards and Technology

NSA
National Security Agency

ODNI
Office of the Director of National Intelligence

OMB
Office of Management and Budget

OT
Operations Technology

PCM
Privacy Continuous Monitoring

PII
Personally Identifiable Information

PL
Public Law

RMF
Risk Management Framework

SCRM
Supply Chain Risk Management

SDLC
System Development Life Cycle

SecCM
Security-focused Configuration Management

SP
Special Publication