catalog: SP800-53rev3 / class: Management / family: (RA) Risk Assessment

  RA-04: Risk Assessment Update  

base control objective:
Withdrawn: Incorporated into RA-03.

supplemental objective information:

enhancements to the base objective:

mapping to FIPS199 baseline:

  LOW: wd     MOD: wd     HIGH: wd  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for RA-04:

| Document | Date | Status | Title |
|---|---|---|---|
| NIST SP800-115 | September, 2008 | current | Technical Guide to Information Security Testing and Assessment |
| NIST SP800-12 | October, 1995 | current | An Introduction to Computer Security: The NIST Handbook |
| NIST SP800-121 | June, 2012 | current | Guide to Bluetooth Security |
| NIST SP800-13 | October, 1995 | current | Telecommunications Security Guidelines for Telecommunications Management Network |
| NIST SP800-14 | September, 1996 | current | Generally Accepted Principles and Practices for Securing Information Technology Systems |
| NIST SP800-19 | October, 1999 | current | Mobile Agent Security |
| NIST SP800-23 | August, 2000 | current | Guidelines to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products |
| NIST SP800-24 | August, 2000 | current | PBX Vulnerability Analysis: Finding Holes in Your PBX Before Someone Else Does |
| NIST SP800-25 | October, 2000 | current | Federal Agency Use of Public Key Technology for Digital Signatures and Authentication |
| NIST SP800-28 | October, 2001 | current | Guidelines on Active Content and Mobile Code |
| NIST SP800-30 | July 2002 | groan... | Risk Management Guide for Information Technology Systems |
| NIST SP800-32 | February, 2001 | current | Introduction to Public Key Technology and the Federal PKI Infrastructure |
| NIST SP800-34 | May, 2010 | current | Contingency Planning Guide for Information Technology Systems |
| NIST SP800-37 | Feb, 2010 | current | Guide for the Security Certification and Accreditation of Federal Information Systems |
| NIST SP800-39 | December, 2010 | DRAFT | Integrated Enterprise-Wide Risk Management: Organization, Mission, and Information System View |
| NIST SP800-40 | November, 2005 | current | Creating a Patch and Vulnerability Management Program |
| NIST SP800-44 | September 2002 | current | Guidelines on Securing Public Web Servers |
| NIST SP800-45 | August, 2006 | DRAFT | Guidelines on Electronic Mail Security |
| NIST SP800-46 | June, 2009 | current | Guide to Enterprise Telework and Remote Access Security |
| NIST SP800-48 | July, 2008 | current | Wireless Network Security: 802.11, Bluetooth, and Handheld Devices |
| NIST SP800-54 | September, 2006 | DRAFT | Border Gateway Protocol Security |
| NIST SP800-55 | July, 2008 | current | Security Metrics Guide for Information Technology Systems |
| NIST SP800-60v1 | August, 2008 | current | Volume 1, Guide for Mapping Types of Information and Information Systems to Security Categories |
| NIST SP800-60v2 | August, 2008 | current | Volume 2, Guide for Mapping Types of Information and Information Systems to Security Categories |
| NIST SP800-63 | April, 2006 | current | Electronic Authentication Guideline |
| NIST SP800-65 | January, 2005 | current | Integrating IT Security into the Capital Planning and Investment Control Process |
| NIST SP800-66 | October, 2008 | current | An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule |
| NIST SP800-82 | June, 2011 | current | Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security |
| NIST SP800-98 | September, 2006 | DRAFT | Guidelines for Securing Radio Frequency Identification (RFID) Systems |
