Common Security Control

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Definition(s):

Security control that can be applied to one or more agency information systems and has the following properties: (i) the development, implementation, and assessment of the control can be assigned to a responsible official or organizational element (other than the information system owner); and (ii) the results from the assessment of the control can be used to support the security certification and accreditation processes of an agency information system where that control has been applied.
Source(s):
NIST SP 800-18 Rev. 1 from NIST SP 800-37

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

Common Security Control

Glossary Comments