The testing or evaluation of security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcomes with respect to meeting the security requirements for an information system or organization.
Source: CMMC Glossary and Acronyms
« Back to Glossary Index
