Security Control Assessor

From CyberEdWiki
Jump to: navigation, search

The Security Control Assessor Work Role is from the Risk Management (RSK) NICE Framework Specialty Area.

Definition[edit]

Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37). [NIST SP 800-181]