Establecer un
acuerdo mediante el cual una organización externa realiza parte de una función
o proceso de una organización.
[UNE-ISO/IEC
27000:2014]
make an arrangement where an
external organization performs part of an organization’s function or process
[ISO/IEC 27000:2014]
An information system or
component of an information system that is outside of the authorization
boundary established by the organization and for which the organization
typically has no direct control over the application of required security
controls or the assessment of security control effectiveness. [CNSSI_4009:2010]
An information system
service that is implemented outside of the authorization boundary of the
organizational information system (i.e., a service that is used by, but not a
part of, the organizational information system) and for which the organization
typically has no direct control over the application of required security
controls or the assessment of security control effectiveness. [CNSSI_4009:2010]
A network not controlled by
the organization. [CNSSI_4009:2010]