A document that specifies, in a complete, precise, verifiable manner, the requirements, design, behavior, or other characteristics of a system or component and often the procedures for determining whether these provisions have been satisfied. See specification requirement.
Sources:
NIST SP 800-37 Rev. 2
under specification
An assessment object that includes document-based artifacts (e.g., policies, procedures, plans, system security requirements, functional specifications, architectural designs) associated with a system.
Sources:
NIST SP 800-53A Rev. 5
under specification
The requirements for the security-relevant portion of the system.
Sources:
NIST SP 800-160v1r1
An information item that identifies, in a complete, precise, verifiable manner, the requirements, design, behavior, or other expected characteristics of a system, service, or process.
Sources:
NIST SP 800-160v1r1
under specification
from
ISO/IEC/IEEE 15289:2019