Knowledge ID: K0037

Knowledge Description: Knowledge of Security Assessment and Authorization process. 

Work Roles with this Knowledge:

  • Work Role ID: SP-ARC-001
    Work Role Name: Enterprise Architect
    Work Role Description: Develops and maintains business, systems, and information processes to support enterprise mission needs; develops information technology (IT) rules and requirements that describe baseline and target architectures.
    Specialty Area(s): Systems Architecture
  • Work Role ID: SP-ARC-002
    Work Role Name: Security Architect
    Work Role Description: Ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.
    Specialty Area(s): Systems Architecture
  • Work Role ID: SP-RSK-001
    Work Role Description: Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).
    Specialty Area(s): Risk Management
  • Work Role ID: SP-RSK-002
    Work Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
    Specialty Area(s): Risk Management
  • Work Role ID: SP-TST-001
    Work Role Description: Plans, prepares, and executes tests of systems to evaluate results against specifications and requirements as well as analyze/report test results.
    Specialty Area(s): Test and Evaluation