Appendix D: Acronyms
| Acronym | Definition |
|---|---|
| AI | Artificial Intelligence |
| AO | Authorizing Official |
| ATO | Authority to Operate |
| CIO | Chief Information Officer |
| CISO | Chief Information Security Officer |
| FedRAMP | Federal Risk and Authorization Management Program |
| FFRDC | Federally Funded Research and Development Center |
| FIPS | Federal Information Processing Standard |
| FISMA | Federal Information Security Modernization Act |
| GAO | Government Accountability Office |
| GISRA | Government Information Security Reform Act of 2000 |
| IG | Inspector General |
| IT | Information Technology |
| Li-SaaS | The Lightweight Software as a Service Authoirization Process |
| MITRE | This non-profit FFRDC’s name is not an acronym, although various claims that it is can be found online |
| NDAA | National Defense Authorization Act |
| NIST | National Institute of Standards and Technology |
| NISTIR | National Institute for Standards and Technology Interagency / Internal Report |
| OFCIO | Office of the Federal Chief Information Officer |
| OFFM | Office of Performance and Personnel Management |
| OFPP | Office of Federal Procurement Policy |
| OIRA | Office of Regulatory and Information Affairs |
| OMB | Office of Management and Budget |
| POAM | Plan of Action and Milestones |
| RMF | Risk Management Framework |
| SaaS | Software as a Service |