|
controlRA-2
Security Categorization (RA-2)
Categorize the system and information it processes, stores, and transmits; Document the security categorization results, including supporting rationale, in the security plan for the system; and Verify that the authorizing official or authorizing official designated representative reviews and approves the security categorization decision.
Security Baselines
LOWMODERATEHIGH
risk-assessmentvulnerabilitythreat
Why These Connect
Baselined In3
This control is included in the linked security baseline (LOW, MODERATE, or HIGH).
Supports25
These related controls work together — a change to one may affect the others.
Enhances1
These enhancements add specific capabilities or refinements to the base control.
Related Controls(18)
CM-12Information Location (CM-12)
MH
PL-10Baseline Selection (PL-10)LMH
PL-11Baseline Tailoring (PL-11)LMH
PM-7Enterprise Architecture (PM-7)PM-11Mission and Business Process Definition (PM-11)CM-8System Component Inventory (CM-8)LMH
MP-4Media Storage (MP-4)MH
PL-2System Security and Privacy Plans (PL-2)LMH
RA-3Risk Assessment (RA-3)LMH
RA-5Vulnerability Monitoring and Scanning (RA-5)LMH
RA-7Risk Response (RA-7)LMH
RA-8Privacy Impact Assessments (RA-8)SA-8Security and Privacy Engineering Principles (SA-8)LMH
SC-7Boundary Protection (SC-7)LMH
SC-38Operations Security (SC-38)SI-12Information Management and Retention (SI-12)LMH
RA-9Criticality Analysis (RA-9)MH
SI-19De-identification (SI-19)