The IT Law Wiki
Don't have an account?
Register
Advertisement
Register
in: Security, Definition

Tailoring

Revision as of 07:07, 7 November 2011 by Mdscott (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Edit

Definition[]

Tailoring is

[t]he process by which a security control baseline is modified based on: (i) the application of scoping guidance; (ii) the specification of compensating security controls, if needed; and (iii) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements.[1]

References[]

  1. NIST Special Publication 800-53, Rev. 3.
Community content is available under CC-BY-SA unless otherwise noted.
Advertisement