NIST SP 800-53

MODERATE BASELINE SECURITY CONTROLS

TAILORING
ACTION

RA-1

Risk Assessment Policy and Procedures

NFO

RA-2

Security Categorization

FED

RA-3

Risk Assessment

CUI

RA-5

Vulnerability Scanning

CUI

RA-5(1)

VULNERABILITY SCANNING | UPDATE TOOL CAPABILITY

NFO

RA-5(2)

VULNERABILITY SCANNING | UPDATE BY FREQUENCY / PRIOR TO NEW SCAN / WHEN IDENTIFIED

NFO

RA-5(5)

VULNERABILITY SCANNING | PRIVILEGED ACCESS

CUI