💼 RA-2 Security Categorization
- ID:
/frameworks/nist-sp-800-53-r5/ra/02
Description​
a. Categorize the system and information it processes, stores, and transmits; b. Document the security categorization results, including supporting rationale, in the security plan for the system; and c. Verify that the authorizing official or authorizing official designated representative reviews and approves the security categorization decision.
Similar​
- Internal
- ID:
dec-c-6d2849b0
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 RA-2 Security Categorization (L)(M)(H) | no data | ||||
| 💼 FedRAMP Low Security Controls → 💼 RA-2 Security Categorization (L)(M)(H) | no data | ||||
| 💼 NIST CSF v2.0 → 💼 ID.AM-05: Assets are prioritized based on classification, criticality, resources, and impact on the mission | no data | ||||
| 💼 NIST CSF v2.0 → 💼 ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded | 7 | no data | |||
| 💼 NIST CSF v2.0 → 💼 ID.RA-05: Threats, vulnerabilities, likelihoods, and impacts are used to understand inherent risk and inform risk response prioritization | 7 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 RA-2(1) Security Categorization _ Impact-level Prioritization | no data |