NIST 800-53 · RA — Risk Assessment
RA-3 Risk assessment
Conduct assessments of risk, including the likelihood and impact of unauthorized access, use, disclosure, disruption or destruction.
Mapped across 7 provisions
Equivalent and related requirements in other frameworks and regulations.
- HIPAA · Equivalent · Official mapping
Source: HIPAA Security Rule / NIST SP 800-53 Rev. 5
§164.308(a)(1) Security management process
Risk assessment & management
- NIST CSF 2.0 · Partial · Official mapping
Source: NIST CSF 2.0 / SP 800-53 Rev. 5
ID.RA-01 Vulnerabilities identified and recorded
Risk assessment & management
- CCPA / CPRA · Related · Curated
§1798.150 Duty to implement reasonable security
Risk assessment & management
- DORA · Related · Curated
Art. 6 ICT risk management framework
Risk assessment & management
- LGPD · Related · Curated
Art. 46 Security measures
Risk assessment & management
- NIS2 · Related · Curated
Art. 21(2)(a) Risk analysis and information system security policies
Risk assessment & management
- NIST 800-171 · Related · Curated
3.11.1 Periodically assess risk
Risk assessment & management