The IT Law Wiki

Security evaluation


Definition

Security evaluation is

[t]he examination of the technical and nontechnical security features of a computer system and other safeguards that establishes the extent to which a particular design and implementation meet a specified set of security requirements.[1]
[a]n evaluation done to assess the degree of trust that can be placed in systems for the secure handling of sensitive information.[2]

Overview

One type, a product evaluation, is an evaluation performed on the hardware and software features and assurances of a computer product from a perspective that excludes the application environment. The other type, a system evaluation, is done for the purpose of assessing a system's security safeguards with respect to a specific operational mission and is a major step in the certification and accreditation process.[3]

References

  1. NIST Special Publication 800-4, App. D, Glossary.
  2. Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).
  3. Id.
