External Information System Services | SA-9


Information Resource Owners or their designees are responsible for:
  • requiring that providers of external information system services comply with MCC information security controls, and applicable federal laws, state laws, Executive Orders, directives, policies, regulations, standards, and guidance.
  • defining and documenting oversight and user roles and responsibilities for external information system services.

Last updated: 3/13/2024

Contact Hours