|

controlCA-2

Control Assessments (CA-2)

Select the appropriate assessor or assessment team for the type of assessment to be conducted; Develop a control assessment plan that describes the scope of the assessment including: Ensure the control assessment plan is reviewed and approved by the authorizing official or designated representative prior to conducting the assessment; Assess the controls in the system and its environment of operation [organization-defined] to determine the extent to which the controls are implemented correctly, o

Security Baselines

LOWMODERATEHIGH

assessmentauthorizationmonitoring

Why These Connect

Baselined In3

This control is included in the linked security baseline (LOW, MODERATE, or HIGH).

Supports19

These related controls work together — a change to one may affect the others.

Enhances3

These enhancements add specific capabilities or refinements to the base control.

Related Controls(16)

AU-6Audit Record Review, Analysis, and Reporting (AU-6)

AC-20Use of External Systems (AC-20)

CA-5Plan of Action and Milestones (CA-5)

CA-6Authorization (CA-6)

CA-7Continuous Monitoring (CA-7)

PM-9Risk Management Strategy (PM-9)RA-5Vulnerability Monitoring and Scanning (RA-5)

RA-10Threat Hunting (RA-10)SA-11Developer Testing and Evaluation (SA-11)

SC-38Operations Security (SC-38)SI-3Malicious Code Protection (SI-3)

SI-12Information Management and Retention (SI-12)

SR-2Supply Chain Risk Management Plan (SR-2)

SR-3Supply Chain Controls and Processes (SR-3)

PL-2System Security and Privacy Plans (PL-2)

PM-31Continuous Monitoring Strategy (PM-31)

Control Enhancements(3)

CA-2(1)Independent Assessors (CA-2(1))

CA-2(2)Specialized Assessments (CA-2(2))

CA-2(3)Leveraging Results from External Organizations (CA-2(3))

See Also

@SP 800-53 Overview ⚖Compare Baselines