RA-3 Risk Assessment is supported by which NIST publication?

Enhance your preparation for the Federal IT Security Professional Test. Use quizzes, flashcards, and detailed explanations to ensure success. Stay ahead in the field of IT Security!

Multiple Choice

RA-3 Risk Assessment is supported by which NIST publication?

Explanation:
The idea being tested is how risk assessment controls fit into the Federal Risk Management Framework. RA-3 is part of the risk assessment controls and is applied within the RMF lifecycle. NIST SP 800-37 provides the framework for selecting, implementing, assessing, authorizing, and monitoring security controls, and it ties the control set (including RA-3) into the overall RMF process. While 800-30 gives detailed risk assessment methodologies that you might use when performing the assessment, and 800-53A covers assessment procedures for controls, the publication that directly supports applying RA-3 within the RMF is 800-37.
