Penetration Testing Policy and Procedures (CA-8, SA-11(5))

Have Questions?
Talk to an ASP Expert at 703-254-3202

Description: NIST RMF policy and procedures document detailing the requirements relating to data penetration testing as described in CA-8 and SA-11(5) of NIST SP 800-53, Revision 5.

Specifications: Developed in accordance with NIST SP 800-53, Revision 5 (12-10-2020), and other related security control frameworks, where applicable.

Control Family: Assessment, Authorization, and Monitoring (CA). System and Services Acquisition (SA). 

Control Mapping: CA-8, SA-11(5).

Security Control Baseline Coverage: Includes coverage for all LOW, MOD, and HIGH Baselines, per NIST SP 800-53B (12-10-2020).

Direct Compliance Use: FISMA, FedRAMP, NISP eMASS RMF, and other related NIST RMF reporting requirements for security and privacy. Can be used for mapping to DFARS NIST 800-171 and CMMC controls, where applicable.

Format: MS Word document (.docx).

Length: 5 pages.

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.


What Our Customers Are Saying


Companies Who Trust Us