Security Control Assessment

From FISMApedia
Jump to: navigation, search

NIST SP 800-53AdF

The testing and/or evaluation of the management, operational, and technical security controls in an information system to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.