Chapter 9

Assessment Techniques for Each Kind of Control

Abstract

This chapter reviews the specific security controls and presents testing methods for each of the NIST SP 800-53, revision 4 controls, as tested through experience of working with the controls and conducting actual reviews. All SP 800-53 controls are documented, along with the ISO 27002 controls and the additional US DHS EBK controls.

Keywords

testing, NIST, assessment, SCA, AC, AU, AT, CA, CP, CM, IA, IR, MA, MP, SA, SC, SI, RA, PS, PE, PL, PM, privacy

Once we determine which controls are to be assessed and our proposed methods and techniques for evaluation, we begin development of the security assessment plan (SAP) as per the requirements defined in SP 800-37, rev. 1. In both SP 800-53A and SP 800-115, there are ...
