NIST 800-171 v2
110 security requirements available
3.11.3 Derived Requirement
Risk Assessment
Security Requirement
Remediate vulnerabilities in accordance with risk assessments.
Discussion
Vulnerabilities discovered, for example, via the scanning conducted in response to 3.11.2, are remediated with consideration of the related assessment of risk. The consideration of risk influences the prioritization of remediation efforts and the level of effort to be expended in the remediation for specific vulnerabilities.
- Framework: NIST SP 800-171 Rev 2
- Family: Risk Assessment
- Requirement Type: derived
Related Frameworks
18 paths across 2 frameworks
NIST 800-53: 1 mapping
RA-5
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI: 17 mappings
CCI-001054
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001055
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001056
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001057
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001058
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001059
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001060
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001061
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001067
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001641
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001643
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001645
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002376
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002906
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004634
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004635
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004636
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
10 STIGs reach this control through 31 CCIs via 800-53 control RA-5.
Operating System — Mainframe
2 STIGs
Mainframe Product Security Requirements Guide
3 · 2024-12-05 · 1 of 193 findings match
M1
Mainframe Product Security Requirements Guide
V3R4 · 2025-09-10 · 1 of 194 findings match
M1
Network Device
2 STIGs
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide
2 · 2024-12-06 · 1 of 31 findings match
M1
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide
V2R3 · 2026-02-13 · 1 of 31 findings match
M1
Virtualization / Container
5 STIGs
Container Platform Security Requirements Guide
2 · 2025-05-15 · 1 of 187 findings match
M1
Container Platform Security Requirements Guide
V2R4 · 2025-09-10 · 1 of 188 findings match
M1
Mirantis Kubernetes Engine Security Technical Implementation Guide
V2R1 · 2024-08-27 · 1 of 44 findings match
M1
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
2 · 2025-05-15 · 1 of 83 findings match
M1
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
V2R5 · 2025-12-04 · 1 of 83 findings match
M1
Endpoint Security Management
1 STIG
Axonius Federal Systems Ax-OS Security Technical Implementation Guide
V1R2 · 2025-11-25 · 1 of 16 findings match
M1