Defect Check: Difference between revisions
imported>Unknown user No edit summary |
imported>Unknown user No edit summary |
||
| Line 1: | Line 1: | ||
{{LanguageHeader|en}} | {{LanguageHeader|en}} | ||
{{CyberTerm|definition=A defect check is a way to assess determination statements. It has the following additional properties. A defect check: • Is stated as a test (wherever appropriate); • Can be automated; • Explicitly defines a particular desired state specification that is then compared to the corresponding actual state to determine the test result; • Provides information that may help determine the degree of control effectiveness/level of risk that is acceptable; • Suggests risk response options; and • Assesses a corresponding sub-capability.|source=NISTIR 8011 Vol. 1}} | {{CyberTerm|definition=A defect check is a way to assess determination statements. It has the following additional properties. A defect check: | ||
• Is stated as a test (wherever appropriate); | |||
• Can be automated; | |||
• Explicitly defines a particular desired state specification that is then compared to the corresponding actual state to determine the test result; | |||
• Provides information that may help determine the degree of control effectiveness/level of risk that is acceptable; | |||
• Suggests risk response options; and | |||
• Assesses a corresponding sub-capability.|source=NISTIR 8011 Vol. 1}} | |||
Revision as of 01:42, 15 January 2026
Defect Check
A defect check is a way to assess determination statements. It has the following additional properties. A defect check: • Is stated as a test (wherever appropriate); • Can be automated; • Explicitly defines a particular desired state specification that is then compared to the corresponding actual state to determine the test result; • Provides information that may help determine the degree of control effectiveness/level of risk that is acceptable; • Suggests risk response options; and • Assesses a corresponding sub-capability.
Source: NISTIR 8011 Vol. 1 | Category: