Chapter 3
Establishment of the Security Control Baseline
The security control baseline is established by determining specific controls required to protect the system based on the security categorization of the system. The baseline is tailored and supplemented in accordance with an organizational assessment of risk and local parameters. The security control baseline, as well as the plan for monitoring it, is documented in the security plan.
Certified Authorization Professional (CAP®) Candidate Information Bulletin, November 2010
Topics
- Minimum Security Baselines and Best Practices
- Assessing Risk
- System Security Plans
- NIST Guidance on Security Controls Selection
Objectives
As a Certified Authorization Professional (CAP®), you are expected to ...
Get Official (ISC)2® Guide to the CAP® CBK®, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.