Tag Archives: SP 800-53A

The National Institute of Standards and Technology (NIST) has published an update to its SP 800-53A standard, “Assessing Security and Privacy Controls in Information Systems and Organizations.” The publication provides a methodology and set of procedures for conducting assessments of security and privacy controls employed within systems and organizations within an effective risk management framework. The assessment procedures, executed at various phases of the system development life cycle, are consistent with the security and privacy controls in NIST Special Publication 800-53, Revision 5. The SP 800-53A assessment procedures are flexible, provide a framework and starting point for control assessments, and can be tailored to the needs of organizations and assessors. SP 800-53A facilitates security and privacy control assessments conducted within an effective risk management framework. The revision includes new assessment procedures that address newly added and updated privacy and supply chain risk management controls in SP 800-53 Revision 5. SP…

Read more

1/1