Security Assessment Plan (SAP)

GPTKB entity

Statements (42)
Predicate Object
gptkbp:instanceOf manual
security assessment artifact
gptkbp:approvedBy authorizing official
gptkbp:basisFor authorization decision
conducting security assessment
documenting assessment results
evaluating security controls
gptkbp:contains assessment tools
rules of engagement
assessment resources
roles and responsibilities
assessment procedures
assessment approach
assessment deliverables
assessment schedule
security controls to be assessed
gptkbp:createdBy security assessor
https://www.w3.org/2000/01/rdf-schema#label Security Assessment Plan (SAP)
gptkbp:purpose define assessment methods
define assessment objectives
define scope of security assessment
document assessment procedures
establish assessment schedule
identify assessment team
gptkbp:relatedTo gptkb:Plan_of_Action_and_Milestones_(POA&M)
gptkb:Security_Assessment_Report_(SAR)
gptkb:System_Security_Plan_(SSP)
gptkbp:requires gptkb:NIST_SP_800-53
gptkb:Federal_Risk_and_Authorization_Management_Program_(FedRAMP)
gptkb:NIST_SP_800-37
gptkb:FISMA
gptkbp:step authorization process
security assessment process
gptkbp:targetAudience authorizing official
information system security officer
security assessor
system owner
gptkbp:updated prior to assessment
gptkbp:usedIn information security
risk management framework
gptkbp:bfsParent gptkb:FedRAMP_Moderate
gptkbp:bfsLayer 7