What is the purpose of NIST 800-172A?

NIST 800-172A provides assessment procedures for the security requirements in NIST 800-172 .

What are assessment procedures?

An assessment procedure consists of an assessment objective , the objective's determination statement(s) , and a set of potential assessment methods and assessment objects that can be used to conduct the assessment.

What are assessment objectives?

Assessment objectives are containers for determination statements.

What are determination statements?

Determination statements are the individual tests included in an assessment objective. An example of a determination statement is 3.1.1e[a]: " Authorized users are identified ."

NIST 800-172A

Learn about NIST 800-172A and explore its assessment procedures (APs).

Explore the Assessment Procedures

Purpose

NIST 800-172A provides assessment procedures that are used during assessments of the NIST 800-172 enhanced security requirements.
1-Many Relationship

Most security requirements contain multiple testable requirements, and as a result they have many determination statements.

Self-Assessments

It is critical to self-assess using the assessment procedures. An auditor will be using them, and you need to self-assess using the same level of rigor.
140 Determination Statements

NIST 800-172A includes 140 determination statements.

NIST 800-171 / CMMC Training
Available Now!

Learn More

Lets stay connected

NIST 800-171 r2

Learn about NIST 800-171 and explore its 110 security requirements.

Learn More

CMMC 2.0

Learn about the CMMC 2.0 and explore its practices.

Learn More

NIST 800-172A

Purpose

1-Many Relationship

Self-Assessments

140 Determination Statements

Lets stay connected

NIST 800-171 r2

CMMC 2.0

GRC Academy

Affiliate Program

Contact Us

Connect With Us