Under active development — Content is continuously updated and improved

Home / Frameworks / NIST SP 800-53 / RA — Risk Assessment

RA — Risk Assessment

26 controls in the Risk Assessment family

RA-1Policy And Procedures

RA-2Security Categorization

RA-2(1)Impact-Level Prioritization

RA-3Risk Assessment

RA-3(1)Supply Chain Risk Assessment

RA-3(2)Use Of All-Source Intelligence

RA-3(3)Dynamic Threat Awareness

RA-3(4)Predictive Cyber Analytics

RA-4Risk Assessment Update

RA-5Vulnerability Monitoring And Scanning

RA-5(1)Update Tool Capability

RA-5(2)Update Vulnerabilities To Be Scanned

RA-5(3)Breadth And Depth Of Coverage

RA-5(4)Discoverable Information

RA-5(5)Privileged Access

RA-5(6)Automated Trend Analyses

RA-5(7)Automated Detection And Notification Of Unauthorized Components

RA-5(8)Review Historic Audit Logs

RA-5(9)Penetration Testing And Analyses

RA-5(10)Correlate Scanning Information

RA-5(11)Public Disclosure Program

RA-6Technical Surveillance Countermeasures Survey

RA-7Risk Response

RA-8Privacy Impact Assessments

RA-9Criticality Analysis

RA-10Threat Hunting

← Back to all controls