SECURITY ASSESSMENTS - 5330.1
(Revised: 06/2014)
Policy: Each state entity shall perform security assessments to determine whether the security controls selected by the state entity are implemented correctly and working as intended to mitigate risk. Security assessments conducted by the state entity shall include, but are not limited to, the following:
- Legal, policy, standards, and procedure compliance review;
- Vulnerability scanning; and
- Penetration testing.
Implementation Controls: NIST SP 800-53: Assessment, Authorization, and Monitoring (CA), Supply Chain Risk Management (SR)
Revisions
No Revisions for this item.
Search Entire Manual
Print Entire SAM Manual
Please bear with us, generating the entire SAM for printing will take approximately two minutes.