Definition[]
Tailoring is
“ | [t]he process by which a security control baseline is modified based on: (i) the application of scoping guidance; (ii) the specification of compensating security controls, if needed; and (iii) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements.[1] | ” |
References[]
- ↑ NIST Special Publication 800-53, Rev. 3.