RA-3(3)

  • Requirement

    Determine the current cyber threat environment on an ongoing basis using [Assignment: organization-defined means].

  • Discussion

    The threat awareness information that is gathered feeds into the organization's information security operations to ensure that procedures are updated in response to the changing threat environment. For example, at higher threat levels, organizations may change the privilege or authentication thresholds required to perform certain operations.

More Info

  • Title

    Risk Assessment | Dynamic Threat Awareness
  • Family

    Risk Assessment
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

      AT-2

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!