The IT Law Wiki

System assessment

32,076pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

A system assessment is

[a] comprehensive assessment of the management and operational and technical security controls in an information system, made in support of security accreditation, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements of the system.[1]

References Edit

  1. FY 2011 Frequently Asked Questions on Reporting for the Federal Information Security Management Act and Agency Privacy Management, Definitions, at 25, attached to OMB Memorandum M-11-33.

Also on Fandom

Random Wiki