security control assessor (SCA)

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviation(s) and Synonym(s):

assessor

CNSSI 4009-2015, NIST SP 800-171 Rev. 2, NIST SP 800-172A

Assessor

NIST SP 800-137, NIST SP 800-30 Rev. 1, NIST SP 800-39, NIST SP 800-89

SCA

CNSSI 4009-2015

Definition(s):

  The individual, group, or organization responsible for conducting a security control assessment.
Source(s):
CNSSI 4009-2015
NIST SP 800-137 under Security Control Assessor
NIST SP 800-30 Rev. 1 under Security Control Assessor
NIST SP 800-39 under Security Control Assessor

  See Security Control Assessor.
Source(s):
NIST SP 800-137 under Assessor
NIST SP 800-172 under assessor
NIST SP 800-39 under Assessor
NIST SP 800-171 Rev. 2 under assessor

  The individual responsible for conducting assessment activities under the guidance and direction of a Designated Authorizing Official. The Assessor is a 3rd party.
Source(s):
NIST SP 800-79-2 under Assessor

  The individual, group, or organization responsible for conducting a security or privacy assessment.
Source(s):
NIST SP 800-37 Rev. 2 under assessor

  See security control assessor or risk assessor.
Source(s):
CNSSI 4009-2015 under assessor from NIST SP 800-30 Rev. 1
NIST SP 800-30 Rev. 1 under Assessor

  The individual, group, or organization responsible for conducting a security or privacy control assessment.
Source(s):
NIST SP 800-53 Rev. 5 under assessor

  The individual, group, or organization responsible for conducting a security or privacy control assessment.
Source(s):
NIST SP 800-53A Rev. 5 under Assessor

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.