Term:Security Assessment Report
NIST IR 7328 Draft
Security Assessment Report - The document that the assessment team develops to report the results of the security control assessment. The assessment team reports, for each assessment procedure performed, whether each determination statement in an assessment procedural step was "satisfied" or "other than satisfied." In the latter case, the assessment team indicates which parts of the security control were affected by the finding, describes how the control differs from the planned or expected state, and notes any potential compromises to confidentiality, integrity, and availability due to the "other than satisfied" result.