Provides a disciplined and structured approach for documenting the findings of the assessor and the recommendations for correcting any identified vulnerabilities in the security controls.
Sources:
CNSSI 4009-2015
from
DoDI 8510.01