Oversight and Governance
OG-WRL-012

Security Control Assessment

Responsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.

  • T0309: Assess the effectiveness of security controls
  • T0495: Manage Accreditation Packages (e.g., ISO/IEC 15026-2)
  • T1012: Expand network access
  • T1013: Conduct technical exploitation of a target
  • T1019: Determine special needs of cyber-physical systems
  • T1020: Determine the operational and safety impacts of cybersecurity lapses
  • T1021: Review cyber defense service provider reporting structure
  • T1022: Review enterprise information technology (IT) goals and objectives
  • T1023: Identify critical technology procurement requirements
  • T1026: Determine procurement requirements
  • T1030: Estimate the impact of collateral damage
  • T1036: Integrate leadership priorities
  • T1038: Integrate organization objectives in intelligence collection
  • T1041: Determine impact of software configurations
  • T1046: Assess operation performance
  • T1047: Assess operation impact
  • T1054: Scope analysis reports to various audiences that accounts for data sharing classification restrictions
  • T1055: Determine if priority information requirements are satisfied
  • T1079: Develop cybersecurity risk profiles
  • T1084: Identify anomalous network activity
  • T1118: Identify vulnerabilities
  • T1119: Recommend vulnerability remediation strategies
  • T1232: Approve accreditation packages
  • T1263: Perform security reviews
  • T1264: Identify gaps in security architecture
  • T1265: Develop a cybersecurity risk management plan
  • T1266: Recommend risk mitigation strategies
  • T1269: Conduct risk analysis of applications and systems undergoing major changes
  • T1270: Plan security authorization reviews for system and network installations
  • T1271: Conduct security authorization reviews for system and network installations
  • T1272: Develop security assurance cases for system and network installations
  • T1294: Advise on Risk Management Framework process activities and documentation
  • T1305: Determine if authorization and assurance documents identify an acceptable level of risk for software applications, systems, and networks
  • T1327: Update security documentation to reflect current application and system security design features
  • T1328: Verify implementation of software, network, and system cybersecurity postures
  • T1329: Document software, network, and system deviations from implemented security postures
  • T1330: Recommend required actions to correct software, network, and system deviations from implemented security postures
  • T1339: Develop cybersecurity compliance processes for external services
  • T1340: Develop cybersecurity audit processes for external services
  • T1343: Provide cybersecurity guidance to organizational risk governance processes
  • T1355: Determine if vulnerability remediation plans are in place
  • T1356: Develop vulnerability remediation plans
  • T1357: Determine if cybersecurity requirements have been successfully implemented
  • T1358: Determine the effectiveness of organizational cybersecurity policies and procedures
  • T1361: Determine the impact of new system and interface implementations on organization's cybersecurity posture
  • T1362: Document impact of new system and interface implementations on organization's cybersecurity posture
  • T1365: Document cybersecurity design and development activities
  • T1368: Support cybersecurity compliance activities
  • T1369: Determine if acquisitions, procurement, and outsourcing efforts address cybersecurity requirements
  • T1437: Determine effectiveness of configuration management processes
  • T1489: Correlate incident data
  • T1829: Evaluate locally developed tools
  • K0018: Knowledge of encryption algorithms
  • K0476: Knowledge of language processing tools and techniques
  • K0653: Knowledge of cybersecurity practices in the acquisition process
  • K0655: Knowledge of intelligence fusion
  • K0658: Knowledge of cognitive biases
  • K0659: Knowledge of information privacy technologies
  • K0674: Knowledge of computer networking protocols
  • K0675: Knowledge of risk management processes
  • K0676: Knowledge of cybersecurity laws and regulations
  • K0677: Knowledge of cybersecurity policies and procedures
  • K0678: Knowledge of privacy laws and regulations
  • K0679: Knowledge of privacy policies and procedures
  • K0680: Knowledge of cybersecurity principles and practices
  • K0681: Knowledge of privacy principles and practices
  • K0682: Knowledge of cybersecurity threats
  • K0683: Knowledge of cybersecurity vulnerabilities
  • K0684: Knowledge of cybersecurity threat characteristics
  • K0685: Knowledge of access control principles and practices
  • K0686: Knowledge of authentication and authorization tools and techniques
  • K0687: Knowledge of business operations standards and best practices
  • K0688: Knowledge of common application vulnerabilities
  • K0689: Knowledge of network infrastructure principles and practices
  • K0691: Knowledge of cyber defense tools and techniques
  • K0692: Knowledge of vulnerability assessment tools and techniques
  • K0698: Knowledge of cryptographic key management principles and practices
  • K0701: Knowledge of data backup and recovery policies and procedures
  • K0702: Knowledge of data warehousing principles and practices
  • K0703: Knowledge of data mining principles and practices
  • K0707: Knowledge of database systems and software
  • K0709: Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
  • K0710: Knowledge of enterprise cybersecurity architecture principles and practices
  • K0711: Knowledge of evaluation and validation principles and practices
  • K0712: Knowledge of Local Area Networks (LAN)
  • K0713: Knowledge of Wide Area Networks (WAN)
  • K0718: Knowledge of network communications principles and practices
  • K0720: Knowledge of Security Assessment and Authorization (SA&A) processes
  • K0721: Knowledge of risk management principles and practices
  • K0723: Knowledge of vulnerability data sources
  • K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
  • K0729: Knowledge of non-repudiation principles and practices
  • K0730: Knowledge of cyber safety principles and practices
  • K0731: Knowledge of systems security engineering (SSE) principles and practices
  • K0734: Knowledge of Risk Management Framework (RMF) requirements
  • K0735: Knowledge of risk management models and frameworks
  • K0736: Knowledge of information technology (IT) security principles and practices
  • K0742: Knowledge of identity and access management (IAM) principles and practices
  • K0743: Knowledge of new and emerging technologies
  • K0746: Knowledge of policy-based access controls
  • K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
  • K0749: Knowledge of process engineering principles and practices
  • K0751: Knowledge of system threats
  • K0752: Knowledge of system vulnerabilities
  • K0758: Knowledge of server administration principles and practices
  • K0760: Knowledge of server diagnostic tools and techniques
  • K0761: Knowledge of Fault Detection and Diagnostics (FDD) tools and techniques
  • K0765: Knowledge of software engineering principles and practices
  • K0767: Knowledge of structured analysis principles and practices
  • K0776: Knowledge of collaboration tools and techniques
  • K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
  • K0779: Knowledge of systems engineering processes
  • K0784: Knowledge of insider threat laws and regulations
  • K0785: Knowledge of insider threat tools and techniques
  • K0791: Knowledge of defense-in-depth principles and practices
  • K0800: Knowledge of evidence admissibility laws and regulations
  • K0803: Knowledge of supply chain risk management principles and practices
  • K0806: Knowledge of machine virtualization tools and techniques
  • K0814: Knowledge of secure coding tools and techniques
  • K0819: Knowledge of import and export control laws and regulations
  • K0820: Knowledge of supply chain risks
  • K0821: Knowledge of federal agency roles and responsibilities
  • K0828: Knowledge of supply chain risk management standards and best practices
  • K0834: Knowledge of technology procurement principles and practices
  • K0838: Knowledge of supply chain risk management policies and procedures
  • K0839: Knowledge of critical infrastructure systems and software
  • K0840: Knowledge of hardware reverse engineering tools and techniques
  • K0842: Knowledge of software reverse engineering tools and techniques
  • K0851: Knowledge of reverse engineering principles and practices
  • K0858: Knowledge of virtual machine detection tools and techniques
  • K0859: Knowledge of encryption tools and techniques
  • K0865: Knowledge of data classification standards and best practices
  • K0866: Knowledge of data classification tools and techniques
  • K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
  • K0871: Knowledge of enterprise architecture (EA) principles and practices
  • K0877: Knowledge of application firewall principles and practices
  • K0878: Knowledge of network firewall principles and practices
  • K0879: Knowledge of industry cybersecurity models and frameworks
  • K0880: Knowledge of access control models and frameworks
  • K0881: Knowledge of learning assessment tools and techniques
  • K0885: Knowledge of instructional design principles and practices
  • K0886: Knowledge of instructional design models and frameworks
  • K0892: Knowledge of cyber defense laws and regulations
  • K0915: Knowledge of network architecture principles and practices
  • K0917: Knowledge of Personally Identifiable Information (PII) data security standards and best practices
  • K0918: Knowledge of Payment Card Industry (PCI) data security standards and best practices
  • K0919: Knowledge of Personal Health Information (PHI) data security standards and best practices
  • K0922: Knowledge of the acquisition life cycle models and frameworks
  • K0924: Knowledge of network analysis tools and techniques
  • K0928: Knowledge of systems engineering principles and practices
  • K0934: Knowledge of data classification policies and procedures
  • K0942: Knowledge of cryptology principles and practices
  • K0947: Knowledge of computer engineering principles and practices
  • K0948: Knowledge of embedded systems and software
  • K0953: Knowledge of data mining tools and techniques
  • K0955: Knowledge of penetration testing principles and practices
  • K0956: Knowledge of penetration testing tools and techniques
  • K0962: Knowledge of targeting laws and regulations
  • K0963: Knowledge of exploitation laws and regulations
  • K0965: Knowledge of language analysis tools and techniques
  • K0966: Knowledge of voice analysis tools and techniques
  • K0967: Knowledge of graphic materials analysis tools and techniques
  • K0983: Knowledge of computer networking principles and practices
  • K0986: Knowledge of target selection criticality factors
  • K0987: Knowledge of target selection vulnerability factors
  • K0990: Knowledge of cyber operations principles and practices
  • K1014: Knowledge of network security principles and practices
  • K1034: Knowledge of target language
  • K1050: Knowledge of critical information requirements
  • K1063: Knowledge of operation assessment processes
  • K1069: Knowledge of virtual machine tools and technologies
  • K1076: Knowledge of risk scoring principles and practices
  • K1077: Knowledge of data security controls
  • K1079: Knowledge of web application security risks
  • K1084: Knowledge of data privacy controls
  • K1088: Knowledge of knowledge management tools and techniques
  • K1096: Knowledge of data analysis tools and techniques
  • K1098: Knowledge of personnel systems and software
  • K1099: Knowledge of code analysis tools and techniques
  • K1100: Knowledge of analytical tools and techniques
  • K1101: Knowledge of analytics
  • K1108: Knowledge of traceroute tools and techniques
  • K1109: Knowledge of virtual collaborative workspace tools and techniques
  • K1180: Knowledge of organizational cybersecurity goals and objectives
  • S0015: Skill in conducting test events
  • S0097: Skill in applying security controls
  • S0111: Skill in interfacing with customers
  • S0136: Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
  • S0141: Skill in assessing security systems designs
  • S0172: Skill in applying secure coding techniques
  • S0175: Skill in performing root cause analysis
  • S0177: Skill in performing network analysis on targets
  • S0248: Skill in performing target system analysis
  • S0252: Skill in processing collected data for follow-on analysis
  • S0385: Skill in communicating complex concepts
  • S0386: Skill in communicating verbally
  • S0387: Skill in communicating in writing
  • S0388: Skill in facilitating small group discussions
  • S0389: Skill in facilitating group discussions
  • S0391: Skill in creating technical documentation
  • S0393: Skill in developing assessments
  • S0394: Skill in developing security assessments
  • S0401: Skill in collecting data
  • S0402: Skill in verifying data
  • S0403: Skill in validating data
  • S0409: Skill in deriving evaluative conclusions from data
  • S0414: Skill in evaluating laws
  • S0415: Skill in evaluating regulations
  • S0416: Skill in evaluating policies
  • S0423: Skill in analyzing processes to ensure conformance with procedural requirements
  • S0430: Skill in collaborating with others
  • S0431: Skill in applying critical thinking
  • S0435: Skill in analyzing large data sets
  • S0436: Skill in creating target intelligence products
  • S0437: Skill in identifying targets of interest
  • S0438: Skill in functioning effectively in a dynamic, fast-paced environment
  • S0439: Skill in identifying external partners
  • S0440: Skill in identifying target vulnerabilities
  • S0441: Skill in describing target vulnerabilities
  • S0443: Skill in mitigating cognitive biases
  • S0447: Skill in aligning privacy and cybersecurity objectives
  • S0462: Skill in integrating information security requirements in the acquisitions process
  • S0463: Skill in implementing software quality control processes
  • S0465: Skill in identifying critical infrastructure systems
  • S0466: Skill in identifying systems designed without security considerations
  • S0472: Skill in developing virtual machines
  • S0473: Skill in maintaining virtual machines
  • S0483: Skill in identifying software communications vulnerabilities
  • S0503: Skill in selecting targets
  • S0504: Skill in identifying vulnerabilities
  • S0506: Skill in identifying customer information needs
  • S0511: Skill in establishing priorities
  • S0515: Skill in identifying partner capabilities
  • S0532: Skill in analyzing software configurations
  • S0543: Skill in scanning for vulnerabilities
  • S0544: Skill in recognizing vulnerabilities
  • S0558: Skill in developing algorithms
  • S0559: Skill in performing data structure analysis
  • S0574: Skill in developing security system controls
  • S0578: Skill in evaluating security designs
  • S0579: Skill in preparing reports
  • S0580: Skill in monitoring system performance
  • S0581: Skill in configuring systems for performance enhancement
  • S0601: Skill in developing curricula
  • S0602: Skill in teaching training programs
  • S0614: Skill in categorizing types of vulnerabilities
  • S0628: Skill in developing learning activities
  • S0632: Skill in designing Test and Evaluation Strategies (TES)
  • S0634: Skill in identifying Test and Evaluation Strategies (TES) infrastructure requirements
  • S0635: Skill in managing test assets
  • S0641: Skill in reviewing logs
  • S0642: Skill in identifying evidence of past intrusions
  • S0645: Skill in troubleshooting cyber defense infrastructure anomalies
  • S0647: Skill in managing a workforce
  • S0654: Skill in conducting system reviews
  • S0655: Skill in designing secure test plans
  • S0656: Skill in assessing application vulnerabilities
  • S0657: Skill in implementing Public Key Infrastructure (PKI) encryption
  • S0658: Skill in implementing digital signatures
  • S0664: Skill in applying policies that meet system security objectives
  • S0667: Skill in assessing security controls
  • S0673: Skill in translating operational requirements into security controls
  • S0675: Skill in optimizing system performance
  • S0686: Skill in performing risk assessments
  • S0687: Skill in performing administrative planning activities
  • S0688: Skill in performing network data analysis
  • S0700: Skill in mining data
  • S0701: Skill in performing data mining analysis
  • S0704: Skill in performing target analysis
  • S0709: Skill in developing analytics
  • S0710: Skill in evaluating metadata
  • S0711: Skill in interpreting metadata
  • S0712: Skill in evaluating data source quality
  • S0713: Skill in evaluating information quality
  • S0715: Skill in generating operation plans
  • S0719: Skill in identifying intelligence gaps
  • S0720: Skill in identifying regional languages and dialects
  • S0721: Skill in prioritizing information
  • S0722: Skill in interpreting traceroute results
  • S0723: Skill in interpreting vulnerability scanner results
  • S0724: Skill in managing client relationships
  • S0728: Skill in preparing briefings
  • S0729: Skill in preparing plans
  • S0731: Skill in producing after-action reports
  • S0739: Skill in analyzing intelligence products
  • S0743: Skill in identifying network anomalies
  • S0744: Skill in performing technical writing
  • S0755: Skill in reconstructing a network
  • S0756: Skill in incorporating feedback
  • S0758: Skill in performing wireless network analysis
  • S0760: Skill in navigating databases
  • S0761: Skill in performing strategic guidance analysis
  • S0775: Skill in developing intelligence collection plans
  • S0777: Skill in developing collection strategies
  • S0780: Skill in fulfilling information requests
  • S0788: Skill in orchestrating planning teams
  • S0789: Skill in coordinating collection support
  • S0790: Skill in monitoring status
  • S0791: Skill in presenting to an audience
  • S0800: Skill in analyzing organizational patterns and relationships
  • S0801: Skill in assessing partner operations capabilities
  • S0807: Skill in solving problems
  • S0809: Skill in utilizing cyber defense service provider information
  • S0813: Skill in identifying cybersecurity issues in external connections
  • S0814: Skill in identifying privacy issues in partner interconnections
  • S0874: Skill in performing network traffic analysis
  • S0878: Skill in performing risk analysis