Appendix D: Assessment Method Definitions, Applicable Objects, and Attributes

The following paragraphs are reproduced from NIST SP 800-53A Revision 1. This appendix can assist the security control assessor with defining the depth and coverage required for the assessment of each security control. It is recommended that the reader verify that this information is accurate and up to date by validating it on the NIST website.

Examine Assessment Method

ASSESSMENT METHOD: Examine

ASSESSMENT OBJECTS: Specifications (e.g., policies, plans, procedures, system requirements, designs)

Mechanisms (e.g., functionality implemented in hardware, software, firmware)

Activities (e.g., system operations, administration, management, exercises)

DEFINITION: The process ...

Get Risk Management Framework now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Risk Management Framework by James Broad

Appendix D: Assessment Method Definitions, Applicable Objects, and Attributes

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly