Fandom

The IT Law Wiki

Security evaluation

32,338pages on
this wiki
Add New Page
Talk0 Share

Definition Edit

Security evaluation is

[t]he examination of the technical and nontechnical security features of a computer system and other safeguards that establishes the extent to which a particular design and implementation meet a specified set of security requirements.[1]
[a]n evaluation done to assess the degree of trust that can be placed in systems for the secure handling of sensitive information.[2]

Overview Edit

One type, a product evaluation, is an evaluation performed on the hardware and software features and assurances of a computer product from a perspective that excludes the application environment. The other type, a system evaluation, is done for the purpose of assessing a system's security safeguards with respect to a specific operational mission and is a major step in the certification and accreditation process.[3]

References Edit

  1. NIST Special Publication 800-4, App. D, Glossary.
  2. Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).
  3. Id.

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.