
tailoring

Abbreviation(s) and Synonym(s):

None

Definition(s):

  The process by which a security control baseline is modified based on: (i) the application of scoping guidance; (ii) the specification of compensating security controls, if needed; and (iii) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements.
Source(s):
NIST SP 800-12 Rev. 1 under Tailoring NIST SP 800-37
NIST SP 800-137 under Tailoring CNSSI 4009
NIST SP 800-30 Rev. 1 under Tailoring NIST SP 800-53, CNSSI 4009
NIST SP 800-37 Rev. 1 under Tailoring
NIST SP 800-39 under Tailoring NIST SP 800-53, CNSSI 4009

  The process by which security control baselines are modified by: (i) identifying and designating common controls; (ii) applying scoping considerations on the applicability and implementation of baseline controls; (iii) selecting compensating security controls; (iv) assigning specific values to organization-defined security control parameters; (v) supplementing baselines with additional security controls or control enhancements; and (vi) providing additional specification information for control implementation.
Source(s):
NIST SP 800-53 Rev. 4 under Tailoring

  The process by which security control baselines are modified by identifying and designating common controls; applying scoping considerations; selecting compensating controls; assigning specific values to agency-defined control parameters; supplementing baselines with additional controls or control enhancements; and providing additional specification information for control implementation. The tailoring process may also be applied to privacy controls.
Source(s):
NIST SP 800-37 Rev. 2

  The process by which security control baselines are modified by: (i) identifying and designating common controls; (ii) applying scoping considerations on the applicability and implementation of baseline controls; (iii) selecting compensating security controls; (iv) assigning specific values to organization-defined security control parameters; (v) supplementing baselines with additional security controls or control enhancements; and (vi) providing additional specification information for control implementation. [Note: Certain tailoring activities can also be applied to privacy controls.]
Source(s):
NIST SP 800-53A Rev. 4 under Tailoring NIST SP 800-53

  The process by which a security control baseline is modified based on (i) the application of scoping guidance, (ii) the specification of compensating security controls, if needed, and (iii) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements.
Source(s):
CNSSI 4009-2015 NIST SP 800-37 Rev. 1

  The process by which assessment procedures defined in Special Publication 800-53A are adjusted, or scoped, to match the characteristics of the information system under assessment, providing organizations with the flexibility needed to meet specific organizational requirements and to avoid overly-constrained assessment approaches.
Source(s):
NIST SP 800-53A Rev. 4 under Tailoring (Assessment Procedures)

  Similar in concept to tailoring baselines as described in SP 800-53, a cooperative process that modifies part of a set of assessment elements by: (i) changing the scope of the assessment or risk management level, (ii) adding or eliminating assessment elements, or (iii) modifying the attributes of an assessment element.
Source(s):
NIST SP 800-137A NIST SP 800-53 Rev. 4 - Adapted

  An element that specifies profiles to modify the behavior of a benchmark; the top-level element of a tailoring document.
Source(s):
NISTIR 7275 Rev. 4 under Tailoring

  The process by which a security control baseline is modified based on: (i) the application of scoping guidance; (ii) the specification of compensating security controls, if needed; and (iii) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements.
Source(s):
NISTIR 8170 under Tailoring NIST SP 800-53, CNSSI 4009