User

(1) The party, or his designee, responsible for the security of designated information. The user works closely with an ISSE. Also referred to as the customer. (2) Person or process accessing an AIS either by direct connections (i. e. , via terminals), or indirect connections (i. e. , prepare input data or receive output that is not reviewed for content or classification by a responsible individual). Any person who has access to the secured system. A user’s access is tied to their work tasks and is limited so they have only enough access to perform the tasks necessary for their job position (in other words, principle of least privilege). Also referred to as an end user and employee. Individual or process authorized to access an information system. (PKI) Individual defined, registered, and bound to a public key structure by a certification authority (CA).