💼 RA-9 Criticality Analysis
- ID:
/frameworks/nist-sp-800-53-r5/ra/09
Description​
Identify critical system components and functions by performing a criticality analysis for [Assignment: organization-defined systems, system components, or system services] at [Assignment: organization-defined decision points in the system development life cycle].
Similar​
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
| 💼 FedRAMP High Security Controls → 💼 RA-9 Criticality Analysis (M)(H) | | | | | no data |
| 💼 NIST CSF v2.0 → 💼 GV.OC-04: Critical objectives, capabilities, and services that external stakeholders depend on or expect from the organization are understood and communicated | | | 3 | | no data |
| 💼 NIST CSF v2.0 → 💼 GV.SC-04: Suppliers are known and prioritized by criticality | | | 7 | | no data |
| 💼 NIST CSF v2.0 → 💼 GV.SC-07: The risks posed by a supplier, their products and services, and other third parties are understood, recorded, prioritized, assessed, responded to, and monitored over the course of the relationship | | | 26 | | no data |
| 💼 NIST CSF v2.0 → 💼 ID.AM-05: Assets are prioritized based on classification, criticality, resources, and impact on the mission | | | | | no data |
| 💼 NIST CSF v2.0 → 💼 ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded | | | 7 | | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|