• Security Assessment Fundamentals
• Performing Security Control Assessments
• The Security Assessment Report in Context
• Relevant Source Material
The security assessment report is the primary documented result of the security control assessment initially performed in step 4 of the Risk Management Framework, and repeated as part of the operational monitoring phase described in step 6 of the RMF. Along with the system security plan and the plan of action and milestones, the security assessment report is one of the three documents, authorizing officials use to make the decision to authorize a given information system for production operation. Among all the artifacts produced in a ...