The physical surroundings in which an information system processes, stores, and transmits information.
Source(s):
NIST SP 800-137 under Environment of Operation from NISTIR 7298
NIST SP 800-37 Rev. 2
NIST SP 800-39 under Environment of Operation from NIST SP 800-37
NIST SP 800-53 Rev. 5 from OMB Circular A-130 (2016)
NIST SP 800-53B from OMB Circular A-130 (2016)
NIST SP 800-37 Rev. 1 [Superseded] under Environment of Operation
NIST SP 800-53 Rev. 4 [Superseded] under Environment of Operation from NIST SP 800-37
NIST SP 800-53A Rev. 4 [Superseded] under Environment of Operation from NIST SP 800-37

  The physical, technical, and organizational setting in which an information system operates, including but not limited to: missions/business functions; mission/business processes; threat space; vulnerabilities; enterprise and information security architectures; personnel; facilities; supply chain relationships; information technologies; organizational governance and culture; acquisition and procurement processes; organizational policies and procedures; organizational assumptions, constraints, risk tolerance, and priorities/trade-offs).
Source(s):
CNSSI 4009-2015 from NIST SP 800-30 Rev. 1
NIST SP 800-30 Rev. 1 under Environment of Operation

  The physical surroundings in which a system processes, stores, and transmits information.
Source(s):
NIST SP 800-171 Rev. 1 [Superseded] from NIST SP 800-37 - Adapted