Skip Top Navigation
  • Who We Are

    • Leadership
    • Financials
    • Government Relations
    • Judicial Officer
    • Legal
    • Our History
    • Postal Facts
  • What We're Doing

    • Transforming Our Business
    • Current Initiatives
    • Securing The Mail
    • Sustainability
    • Corporate Social Responsibility
    • Government Services
    • Postal Customer Council
    • Service Performance Results
  • Newsroom

    • National News
    • Local News
    • Testimony & Speeches
    • Broadcast Downloads
    • Events Calendar
    • Photo Gallery
    • Service Alerts
  • Careers

    • Career Opportunities
    • Working at USPS
    • Search & Apply
    • Application Process
  • Doing Business with Us

    • Suppliers
    • Licensing
    • Rights & Permissions
    • Auctions
    • IT Policies, Process & Standards
    • Public Key Infrastructure
The image is the profile of an eagle's head adjoining the words United States Postal Service to form the corporate signature, along with the text About
Link to "2-11 Certifier" Link to contents for "2 Roles and Responsibilities"      Link to "2-13 Information Systems Security Officers"

2-12 Accreditor

The manager, CISO, functions as the accreditor and is responsible for the following:

  1. Reviewing the risk mitigation plan and supporting C&A documentation package together with business requirements and relevant Postal Service issues.
  2. Escalating security concerns or preparing and signing an accreditation letter that makes one of the following recommendations: accepting the information resource with its existing information security controls, requiring additional security controls with a timeline to implement, or deferring deployment until information security requirements can be met.
  3. Forwarding a full or conditional accreditation letter to the VP IT and the VP functional business area.
  4. Acknowledging unmitigated risks in a risk acceptance letter.
  5. If the requirements of the conditional accreditation letter are not met in the indicated time frame, the accreditor will issue a Failure To Comply Letter to the VP IT and the VP functional business area.
  6. For offsite hosted solutions, acknowledging in a letter of assessment that the information resource appears to conform to Postal Service information security requirements associated with requests to host or remove sensitive-enhanced/sensitive/non-publicly available data from Postal Service premises.



Link to "2-11 Certifier" Link to contents for "2 Roles and Responsibilities"      Link to "2-13 Information Systems Security Officers"
  • LEGAL

    • Privacy Policy ›
    • Terms of Use ›
    • FOIA ›
    • No FEAR Act EEO Data ›
  • ON ABOUT.USPS.COM

    • Newsroom ›
    • USPS Service Alerts ›
    • Forms & Publications ›
    • Careers ›
    • Site Index ›
  • ON USPS.COM

    • USPS.com Home ›
    • Buy Stamps & Shop ›
    • Print a Label with Postage ›
    • Customer Service ›
    • Delivering Solutions to the Last Mile ›
  • OTHER USPS SITES

    • Business Customer Gateway ›
    • Postal Inspectors ›
    • Inspector General ›
    • Postal Explorer ›
Copyright© 2019 USPS. All Rights Reserved.