What is the purpose of NIST 800-172A?

NIST 800-172A provides assessment procedures for the security requirements in NIST 800-172 .

What are assessment procedures?

An assessment procedure consists of an assessment objective , the objective's determination statement(s) , and a set of potential assessment methods and assessment objects that can be used to conduct the assessment.

What are assessment objectives?

Assessment objectives are containers for determination statements.

What are determination statements?

Determination statements are the individual tests included in an assessment objective. An example of a determination statement is 3.1.1e[a]: " Authorized users are identified ."

NIST 800-172A

Learn about NIST 800-172A and explore the related enhanced security requirements.

Explore the Requirements

Purpose

NIST 800-172A provides assessment procedures that are used during assessments of the NIST 800-172 enhanced security requirements.
1-Many Relationship

Most security requirements contain multiple testable requirements, and as a result they have many determination statements.

Self-Assessments

It is critical to self-assess using the assessment procedures. An auditor will be using them, and you need to self-assess using the same level of rigor.
140 Determination Statements

NIST 800-172A includes 140 determination statements.