Individual, or (system) process acting on behalf of an individual, authorized to access an information system. [Note: With respect to SecCM, an information system user is an individual who uses the information system functions, initiates change requests, and assists with functional testing.]

Source: NIST SP 800-128 | Category: