Chapter 13

Reporting

Abstract

The various types of assessment reports are defined and reviewed. The Security Assessment Report and the Risk Assessment Report are the primary outputs from any assessment in the RMF process and each is defined and discussed, and sample templates are provided.

Keywords

reports

SAR

POAM

I often explain to interested people and my students that the number 1 job of any security professional is the secure the data and the number 2 job is to “report, report, and report again.” We often have to spend a great deal of time and effort in gathering the data for and producing various different kinds of reports and documents to support our security efforts. The various reporting requirements often are externally provided to ...

Get Security Controls Evaluation, Testing, and Assessment Handbook now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.

Start your free trial

Security Controls Evaluation, Testing, and Assessment Handbook by Leighton Johnson

Reporting

Abstract

Keywords

Don’t leave empty-handed

It’s yours, free.