>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Home / Frameworks / FedRAMP Rev 5 / CA — Assessment, Authorization, and Monitoring

CA Assessment, Authorization, and Monitoring

16 controls in the Assessment, Authorization, and Monitoring family

CA-1Policy and Procedures
LI-SaaS
LOW
MODERATE
HIGH
CA-2Control Assessments
LI-SaaS
LOW
MODERATE
HIGH
CA-2 (01)Control Assessments | Independent Assessors
LOW
MODERATE
HIGH
CA-2 (02)Control Assessments | Specialized Assessments
HIGH
CA-2 (03)Control Assessments | Leveraging Results from External Organizations
MODERATE
HIGH
CA-3Information Exchange
LI-SaaS
LOW
MODERATE
HIGH
CA-3 (06)Information Exchange | Transfer Authorizations
HIGH
CA-5Plan of Action and Milestones
LI-SaaS
LOW
MODERATE
HIGH
CA-6Authorization
LI-SaaS
LOW
MODERATE
HIGH
CA-7Continuous Monitoring
LI-SaaS
LOW
MODERATE
HIGH
CA-7 (01)Continuous Monitoring | Independent Assessment
MODERATE
HIGH
CA-7 (04)Continuous Monitoring | Risk Monitoring
LOW
MODERATE
HIGH
CA-8Penetration Testing
LI-SaaS
LOW
MODERATE
HIGH
CA-8 (01)Penetration Testing | Independent Penetration Testing Agent or Team
MODERATE
HIGH
CA-8 (02)Penetration Testing | Red Team Exercises
MODERATE
HIGH
CA-9Internal System Connections
LI-SaaS
LOW
MODERATE
HIGH
← Back to all controls