STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 7 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← All Controls

CA-2

Assessment, Authorization, and MonitoringRev 4

Control Assessments

CCI Identifiers (15)

CCI-000245The organization develops a security assessment plan for the information system and its environment of operation.CCI-000246Develop a control assessment plan that describes the scope of the assessment including controls and control enhancements under assessment.CCI-000247Develop a control assessment plan that describes the scope of the assessment including assessment procedures to be used to determine control effectiveness.CCI-000248Develop a control assessment plan that describes the scope of the assessment including assessment environment.CCI-000249The organizations security assessment plan describes the assessment team.CCI-000250The organization's security assessment plan describes assessment roles and responsibilities.CCI-000251Assess the controls in the systems and its environment of operation on an organization-defined frequency, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements.CCI-000252Defines the frequency on which the security controls in the system and its environment of operation are assessed.CCI-000253Produce a control assessment report that document the results of the assessment.CCI-000254Provide the results of the control assessment to organization-defined individuals or roles.CCI-002070Develop a control assessment plan that describes the scope of the assessment including assessment team, and assessment roles and responsibilities.CCI-002071Defines the individuals or roles to whom the results of the control assessment are to be provided.CCI-003859Select the appropriate assessor or assessment team for the type of assessment to be conducted.CCI-003860Ensure the control assessment plan is reviewed and approved by the authorizing official or designated representative prior to conducting the assessment.CCI-003861Assess the controls in the systems and its environment of operation on an organization-defined frequency, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the privacy requirements.

Linked STIG Checks (0)

No STIG checks reference this control.