An assessment object that includes specific protection-related items (e.g., hardware, software, or firmware) employed within or at the boundary of an information system.
Sources:
CNSSI 4009-2015
NIST SP 800-137
under Mechanisms
An assessment object that includes specific protection-related items (e.g., hardware, software, or firmware).
Sources:
NIST SP 800-53A Rev. 5