...
Security Reviewer leads on OWASP Benchmark.
DISA Control Correlation Identifier Version 2
Defense Information Systems Agency (DISA) organizations are strictly regulated and must ensure their systems are securely configured and that the systems comply with the applicable security policies. According to the Information Assurance Support Environment (IASE), who maintains the Control Correlation Identifier (CCI) list, and provides a standard identifier and description for each of the singular, actionable statements that comprise an IA control or IA best practice. CCI bridges the gap between high-level policy expressions and low-level technical implementations. CCI allows a security requirement that is expressed in a high-level policy framework to be decomposed and explicitly associated with the low-level security setting(s) that must be assessed to determine compliance with the objectives of that specific security control. This ability to trace security requirements from their origin (e.g., regulations, IA frameworks) to their low-level implementation allows organizations to readily demonstrate compliance to multiple IA compliance frameworks. CCI also provides a means to objectively rollup and compare related compliance assessment results across disparate technologies. Security Reviewer suite provides references to those controls inside the Reports and the dashboard, Team Reviewer.
NIST Special Publication 800-53 Revision 5
This NIST SP 800-53 database represents the controls defined in NIST SP 800-53 Revision 5, Security and Privacy Controls for Information Systems and Organizations. These next generation controls offer a proactive and systematic approach to ensuring that critical systems, components, and services are sufficiently trustworthy and have the necessary resilience. Security Reviewer suite provides references to those controls inside the Reports and the dashboard, Team Reviewer.
COPYRIGHT (C) 2014-2022 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.