Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

NISTIR 8011 Vol. 2

Automation Support for Security Control Assessments: Volume 2: Hardware Asset Management

Date Published: June 2017


Kelley Dempsey (NIST), Paul Eavy (DHS), George Moore (APL)



actual state; assessment; assessment boundary; assessment method; authorization boundary; automated assessment; automation; capability; continuous diagnostics and mitigation; dashboard; defect; defect check; desired state specification; hardware asset management; information security continuous monitoring; inventory management; mitigation; ongoing assessment; root cause analysis; security automation; security capability; security control; security control assessment; security control item
Control Families

Audit and Accountability; Security Assessment and Authorization; Risk Assessment;


NISTIR 8011 Vol. 2 (DOI)
Local Download

Supplemental Material:
None available

Other Parts of this Publication:
NISTIR 8011 Vol. 1
NISTIR 8011 Vol. 3

Related NIST Publications:
SP 800-53A Rev. 4
SP 800-53 Rev. 4

Document History:
Draft NISTIR 8011 Vol. 2 (2/2/16)
NISTIR 8011 Vol. 2 (6/6/17)


Security and Privacy
asset management; continuous monitoring; security automation; security controls


Laws and Regulations
laws; OMB Circular A-130