Chapter 12

RMF Phase 4

Assess Security Controls

Abstract

This chapter introduces the fourth phase of the RMF, which is when the implemented security controls are assessed. Phase 4 includes developing an assessment strategy, assessing the controls, and producing the security assessment report (SAR).

Keywords

security control assessment

security control assessor

SCA

security assessment report

SAR

test plan

assessment test case

Table of Contents

Chapter Overview and Key Learning Points

Assessing Security Controls

Phase 4, Task 1: Security Control Assessment Plan

Phase 4, Task 2: Security Control Assessment

Phase 4, Task 3: Security Assessment Report

Phase 4, Task 4: Remediation Actions

Chapter 12 Lab Exercises: Assessing Security Controls

Get Risk Management Framework now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Risk Management Framework by James Broad

RMF Phase 4

Assess Security Controls

Abstract

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly