Guide for Assessing the Security Controls in Federal Information Systems and Organizations

Citation: NIST, Guide for Assessing the Security Controls in Federal Information Systems and Organizations, SP 800-53A, rev. 1 (June 2010).

Overview
This is an updated security assessment guideline intended to incorporate leading practices in information security from DOD, the intelligence community, and civil agencies and includes security control assessment procedures for both national security and non-national security systems. The guidelines for developing security assessment plans are intended to support a wide variety of assessment activities in all phases of the system development life cycle, including development, implementation, and operation.