Chapter 7

Assessment Process

Abstract

The assessment process is presented to show how some assessments focus on verifying that a particular security control (or set of controls) meets requirements, while other assessments are intended to identify, validate, and assess a system’s exploitable security weaknesses.

Keywords

assessment process
focused
comprehensive
basic
guidelines

Focus

To conduct an assessment evaluation for a system or application, the focus initially needs to be on the areas of highest impact, highest value, and highest volatility. Once those have been determined, the focus shifts to the rest of the system or application in order to cover all possible areas of impact, since in the security arena, any method of attack ...
