one. Requires external information system service providers to comply with the company`s information security requirements and apply [assignment: security controls defined by the organization] in accordance with federal laws, executive orders, directives, directives, rules, standards and instructions; b. defines and documents state oversight and user roles and responsibilities with respect to external information systems services; and comments on the presentation and functionality of the glossary should be sent to secglossary@nist.gov. Defines the specific responsibilities of the service provider and defines the expectations of customers. Source(s): CNSSI 4009-2015 A service contract between an FCKMS service provider and an FCKMS service organization defining the level of service to be offered, for example. B recovery time after an operating failure or system upgrade. Source(s): NIST SP 800-152 under Service Level Agreement (SLA) v. Used to continuously monitor compliance with security controls by external service providers. . Comments on some definitions should be sent to the authors of the linked source publication.

For NIST publications, there is usually an email in the document. . Service Level Agreement Service-Level Agreement Service Level Agreements. . . .