An assessment object that includes document-based artifacts (e.g., policies, procedures, plans, system security requirements, functional specifications, architectural designs) associated with a system.

Source: NIST SP 800-53A Rev. 5 | Category: