The IT Law Wiki


32,068pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Tailoring is

[t]he process by which a security control baseline is modified based on: (i) the application of scoping guidance; (ii) the specification of compensating security controls, if needed; and (iii) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements.[1]

References Edit

  1. NIST Special Publication 800-53, Rev. 3.

Also on Fandom

Random Wiki