Assessment procedures and a methodology that can be employed to conduct assessments of the enhanced security requirements in NIST Special Publication 800-172.
Assessments conducted using the SP 800-172A procedures are guided and informed by the system security plans for the organizational systems processing, storing, or transmitting CUI. The assessments focus on the overall effectiveness of the security safeguards intended to satisfy the SP 800-172 enhanced security requirements.
Security and Privacy: risk management