💼 RA-9 Criticality Analysis
- ID:
/frameworks/nist-sp-800-53-r5/ra/09
Stats​
not available
Description​
Identify critical system components and functions by performing a criticality analysis for [Assignment: organization-defined systems, system components, or system services] at [Assignment: organization-defined decision points in the system development life cycle].
Similar​
- Internal
- ID:
dec-c-18fe24da
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 RA-9 Criticality Analysis (M)(H) | no data | ||||
| 💼 NIST CSF v2.0 → 💼 GV.OC-04: Critical objectives, capabilities, and services that external stakeholders depend on or expect from the organization are understood and communicated | 4 | no data | |||
| 💼 NIST CSF v2.0 → 💼 GV.SC-04: Suppliers are known and prioritized by criticality | 7 | no data | |||
| 💼 NIST CSF v2.0 → 💼 GV.SC-07: The risks posed by a supplier, their products and services, and other third parties are understood, recorded, prioritized, assessed, responded to, and monitored over the course of the relationship | 26 | no data | |||
| 💼 NIST CSF v2.0 → 💼 ID.AM-05: Assets are prioritized based on classification, criticality, resources, and impact on the mission | no data | ||||
| 💼 NIST CSF v2.0 → 💼 ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded | 7 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|