Vulnerability Assessment

Formal description and evaluation of the vulnerabilities in an information system. SOURCE: SP 800-53; SP 800-37

Systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.
SOURCE: SP 800-53A; CNSSI-4009