top of page
RMF Step 4 - Assessment 

Guidance:  NIST SP 800-30; 37; 39; 53; 53A; 137; CNSSI 1253F Attachments

  • 3rd Party Agent provides Assessment Review to client 

  • Client reassess, evaluate and corrects

    • Security controls

    • Supporting documentation (Plans, Diagrams, Evidence etc.)

    • Plan of Action and Milestones

    • Risk Assessment Report prior to final assessment reporting

  • 3rd Party Agent develops and delivers System Assessment Report  and Executive Report to the Security Control Assessor

  • Security Control Assessor evaluates the Trusted Agents reports and provides a recommendation decision to the Authorizing Official

bottom of page