Information security assessment

Definition
An information security assessment is

"the process of determining how effectively an entity being assessed (e.g., host, system, network, procedure, person mdash; known as the assessment object) meets specific security objectives."