U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

assurance

Abbreviation(s) and Synonym(s):

Definition(s):

  Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.
Source(s):
NIST SP 800-39 under Assurance from CNSSI 4009

  Grounds for justified confidence that a claim has been or will be achieved. Note 1: Assurance is typically obtained relative to a set of specific claims. The scope and focus of such claims may vary (e.g., security claims, safety claims) and the claims themselves may be interrelated. Note 2: Assurance is obtained through techniques and methods that generate credible evidence to substantiate claims.
Source(s):
NIST SP 800-160 Vol. 1 from ISO/IEC 15026

  The grounds for confidence that the set of intended security controls in an information system are effective in their application.
Source(s):
CNSSI 4009-2015
NIST SP 800-137 under Assurance

  Grounds for confidence that the set of intended security controls in an information system are effective in their application.
Source(s):
NIST SP 800-39 under Assurance

  Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. “Adequately met” includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass.
Source(s):
NIST SP 800-12 Rev. 1 under Assurance

  Grounds for justified confidence that a [security or privacy] claim has been or will be achieved.
Source(s):
NIST SP 800-37 Rev. 2

  Grounds for justified confidence that a claim has been or will be achieved. Note 1: Assurance is typically obtained relative to a set of specific claims. The scope and focus of such claims may vary (e.g., security claims, safety claims) and the claims themselves may be interrelated. Note 2: Assurance is obtained through techniques and methods that generate credible evidence to substantiate claims.
Source(s):
NIST SP 800-160 Vol. 1 from ISO/IEC 15026

  Grounds for justified confidence that a [security or privacy] claim has been or will be achieved. Note 1: Assurance is typically obtained relative to a set of specific claims. The scope and focus of such claims may vary (e.g., security claims, safety claims) and the claims themselves may be interrelated. Note 2: Assurance is obtained through techniques and methods that generate credible evidence to substantiate claims.
Source(s):
NIST SP 800-53 Rev. 5 from ISO/IEC 15026-1:2019 - Adapted

  Grounds for justified confidence that a [security or privacy] claim has been or will be achieved. Note 1: Assurance is typically obtained relative to a set of specific claims. The scope and focus of such claims may vary (e.g., security claims, safety claims), and the claims themselves may be interrelated. Note 2: Assurance is obtained through techniques and methods that generate credible evidence to substantiate claims.
Source(s):
NIST SP 800-53B

  Grounds for justified confidence that a [security or privacy] claim has been or will be achieved.
Source(s):
NIST SP 800-53A Rev. 5 under Assurance from ISO/IEC 15026-1:2019 - Adapted

  The grounds for confidence that an entity meets its security objectives.
Source(s):
NISTIR 7316 under Assurance