Purpose: Provide accountability by requiring a senior official to determine if the security and privacy risk based on the operation of a system or the use of common controls, is acceptable.
Outcomes:
There are additional supporting publications for the Authorize Step.
Security and Privacy: general security & privacy, privacy, risk management, security measurement, security programs & operations
Laws and Regulations: E-Government Act, Federal Information Security Modernization Act