Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 836
Additional KSAT for the following Work Roles
Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST 800-37).