Security and Privacy Controls for Information Systems and Organizations

ASSESSMENT, AUTHORIZATION, and MONITORING

The ASSESSMENT, AUTHORIZATION, AND MONITORING Playbook addresses the following areas:

  • Policy and Procedures
  • Control Assessments
  • Information Exchange
  • Plan of Action and Milestones
  • Authorization
  • Continuous Monitoring
  • Penetration Testing
  • Internal System Connections

The ASSESSMENT, AUTHORIZATION, AND MONITORING Playbook is included in the Security and Privacy Controls for Information Systems and Organizations (NIST 80-53) Library which has been developed by the U.S. Department of Commerce's  National Institute of Standards and Technology (NIST).  It establishes controls for systems and organizations. The controls can be implemented within any organization or system that processes, stores, or transmits information.  

Back (Small2)