Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

security control assessment

Abbreviation(s) and Synonym(s):

assessment
Assessment
security assessment
Security Assessment

Definition(s):

  See Security Control Assessment.
Source(s):
NIST SP 800-137 under Assessment
NIST SP 800-37 Rev. 1 under Assessment
NIST SP 800-39 under Assessment
NIST SP 800-53 Rev. 4 under Assessment
NIST SP 800-171 Rev. 1 under assessment
NIST SP 800-171 Rev. 1 under security assessment
NIST SP 800-53 Rev. 4 under Security Assessment

  See Security Control Assessment or Privacy Control Assessment.
Source(s):
NIST SP 800-53A Rev. 4 under Assessment

  See Security Control Assessment or Risk Assessment.
Source(s):
NIST SP 800-30 Rev. 1 under Assessment

  The testing and/or evaluation of the management, operational, and technical security controls in an information system to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
Source(s):
CNSSI 4009-2015 (NIST SP 800-37 Rev. 1)
NIST SP 800-137 under Security Control Assessment (CNSSI 4009 - Adapted)
NIST SP 800-37 Rev. 1 under Security Control Assessment

  The testing or evaluation of security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for an information system or organization.
Source(s):
NIST SP 800-53 Rev. 4 under Security Control Assessment (CNSSI 4009 - Adapted)
NIST SP 800-53A Rev. 4 under Security Control Assessment

  The testing or evaluation of security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for a system or organization.
Source(s):
NIST SP 800-171 Rev. 1 (CNSSI 4009 - Adapted)

  The testing and/or evaluation of the management, operational, and technical security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for an information system or organization.
Source(s):
NIST SP 800-30 Rev. 1 under Security Control Assessment (NIST SP 800-39, CNSSI 4009 - Adapted)
NIST SP 800-39 under Security Control Assessment (CNSSI 4009 - Adapted)

  The testing and/or evaluation of the management, operational, and technical security controls in a system to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
Source(s):
NIST SP 800-12 Rev. 1 under Security Control Assessment (NIST SP 800-37)

  See security control assessment or risk assessment.
Source(s):
CNSSI 4009-2015 under assessment (NIST SP 800-30 Rev. 1)