Appendix C: Security Control Assessment Requirements

This appendix provides supporting material for the chapters of the book. It can also serve as a reference source and illustrates how many security controls are allocated and the attributes of these controls in different situations and under different requirements.

NIST SP 800-53A Assessment Methods

The following table defines the security assessment process used to evaluate each of the security controls as defined by NIST SP 800-53A.

Table C-1

SP 800-53A Assessment Methods



Get Risk Management Framework now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.