πΌ CA-2 Control Assessments (L)(M)(H)
- Contextual name: πΌ CA-2 Control Assessments (L)(M)(H)
- ID:
/frameworks/fedramp-low-security-controls/ca/02 - Located in: πΌ Assessment, Authorization, and Monitoring
Descriptionβ
a. Select the appropriate assessor or assessment team for the type of assessment to be conducted;
b. Develop a control assessment plan that describes the scope of the assessment including:
-
Controls and control enhancements under assessment;
-
Assessment procedures to be used to determine control effectiveness; and
-
Assessment environment, assessment team, and assessment roles and responsibilities;
c. Ensure the control assessment plan is reviewed and approved by the authorizing official or designated representative prior to conducting the assessment;
d. Assess the controls in the system and its environment of operation [FedRAMP Assignment: at least annually] to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting established security and privacy
e. Produce a control assessment report that document the results of the assessment; and
f. Provide the results of the control assessment to [FedRAMP Assignment: individuals or roles to include FedRAMP PMO].
CA-2 Additional FedRAMP Requirements and Guidance:
Guidance: Reference FedRAMP Annual Assessment Guidance.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/ca/02/frameworks/fedramp-high-security-controls/ca/02
- Internal
- ID:
dec-c-0bf15bfd
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ CA-2 Control Assessments (L)(M)(H) | 3 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ CA-2 Control Assessments | 3 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CA-2(1) Independent Assessors (L)(M)(H) |