dcsimg

Find an IT Download

Assessing Security and Privacy Controls in Federal Information Systems and Organizations

This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations.


4.3 MB | 3 files | null PDF

This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations. The assessment procedures, executed at various phases of the system development lifecycle, are consistent with the security and privacy controls in NIST Special Publication 800-53, Revision 4. The procedures are customizable and can be easily tailored to provide organizations with the needed flexibility to conduct security control assessments and privacy control assessments that support organizational risk management processes and that are aligned with the stated risk tolerance of the organization. Information on building effective security assessment plans and privacy assessment plans is also provided along with guidance on analyzing assessment results.

The attached zip file includes:

  • Intro Page.pdf
  • Terms and Conditions.pdf
  • AssessingSecPrivacyControls.pdf

Related IT DOWNLOADS

Recent IT Downloads
Building a GRC Program: Assessing Stakeholder Needs and Readiness

This table outlines the top needs of each stakeholder group that can help guide your conversat...Read More

Recent IT Downloads
Guide to Cyber Threat Information Sharing

This publication provides guidelines for establishing and participating in cyber threat inform...Read More

Recent IT Downloads
Trustworthy Email

This document provides recommendations and guidelines for enhancing trust in email, including ...Read More