Term:Extended Assessment Procedure

From FISMApedia
Jump to: navigation, search

NIST IR 7328 Draft

Extended Assessment Procedure - A type of assessment procedure that is applied to an individual security control or a group of security controls (e.g., the set of security controls in a particular security control family or the set of security controls in an information system security plan) and works in conjunction with specialized assessment procedures in determining control effectiveness.

NIST SP 800-53A

Extended Assessment Procedure - A type of assessment procedure that is applied to an individual security control or a group of controls (e.g., the set of security controls in a particular security control family or the set of controls in a security plan) and is used in conjunction with other assessment procedures in providing the necessary information for determining control effectiveness.

Retrieved from "http://fismapedia.org/index.php?title=Term:Extended_Assessment_Procedure&oldid=38753"