SCA

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviation(s) and Synonym(s):

Security Control Assessor

CNSSI 4009-2015

software composition analysis

NIST SP 800-204C

SRxCryptoAPI

NIST TN 2060

Supply Chain Assurance

NIST SP 1800-34C

Definition(s):

The individual, group, or organization responsible for conducting a security control assessment.
Source(s):
NIST SP 800-137 under Security Control Assessor
NIST SP 800-30 Rev. 1 under Security Control Assessor
NIST SP 800-39 under Security Control Assessor

Confidence that the supply chain will produce and deliver elements, processes, and information that function as expected.
Source(s):
NISTIR 7622 under Supply Chain Assurance from DoD Key Practices and Implementation Guide - Adapted

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.