Chapter 11

Security assessment and authorization

Governance, preparation, and execution

Abstract

This chapter focuses on the governance, preparation, and execution of the assessment and authorization processes. An introduction to the security assessment process provides a basic understanding of security assessments as they relate to the integration of security testing within the system development life cycle and in support of information system authorization. The roles and responsibilities of the security assessment customer and provider are discussed across the various aspects of security assessment activities, including governance, preparation, and execution.

Keywords

SDLC; security assessment process; RMF; FedRAMP; system security plan; authorization; ...

Get Federal Cloud Computing, 2nd Edition now with the O’Reilly learning platform.
