
Body of Evidence (BoE)

May 9, 2025


What is Body of Evidence (BoE)?

In cybersecurity, the Body of Evidence (BoE) refers to the complete set of documentation and data that demonstrates an information system’s adherence to its security controls. It is essentially the collection of materials that proves a system’s security posture. This includes documentation, logs, test results, and other data related to security assessments and control implementation.

This is not to be confused with the hot, slutty 1993 movie from Madonna.

More Detail

  • Documentation: This includes things like security policies, procedures, and risk assessments.
  • Logs: System logs, network logs, and audit logs capture events and activity on the system, providing evidence of user actions, system behavior, and potential security incidents.
  • Test Results: Security testing, such as vulnerability scans and penetration tests, provides evidence of the system’s security weaknesses and strengths.
  • Other Data: This can include configuration files, software versions, and other data that helps demonstrate the system’s security configuration.
  • RMF (Risk Management Framework) Documentation: The BoE is often associated with the RMF, a framework used for managing security risks in information systems.

The set of data that documents the information system’s adherence to the security controls applied. The BoE will include a Requirements Verification Traceability Matrix (RVTM) delineating where the selected security controls are met and evidence to that fact can be found. The BoE content required by an Authorizing Official will be adjusted according to the impact levels selected.
SOURCE: CNSSI-4009
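As an added illustration (it is not part of this glossary entry or of CNSSI-4009), the following Python sketch shows what a minimal Requirements Verification Traceability Matrix looks like in practice: controls are selected by impact level, each selected control is traced to the evidence artifacts that show it is met, and any control with no evidence is reported as a gap an Authorizing Official would have to resolve. The control identifiers follow the NIST SP 800-53 naming style, but the catalogue, the impact level that selects each control, and every evidence location are constructed assumptions for this example.

```python
from dataclasses import dataclass


# Evidence categories as the glossary entry lists them: documentation,
# logs, test results, and other data such as configuration.
EVIDENCE_KINDS = ("documentation", "log", "test_result", "configuration")

IMPACT_LEVELS = ("low", "moderate", "high")


@dataclass(frozen=True)
class Evidence:
    kind: str       # one of EVIDENCE_KINDS
    location: str   # where the artifact can be found (path, report id, ticket)


@dataclass(frozen=True)
class Control:
    control_id: str
    title: str
    min_impact: str  # lowest impact level at which this control is selected


# Constructed sample catalogue. Identifiers are in NIST SP 800-53 style; which
# impact level selects each control is an assumption made for this example.
CATALOG = (
    Control("AC-2", "Account Management", "low"),
    Control("AU-2", "Event Logging", "low"),
    Control("CM-6", "Configuration Settings", "low"),
    Control("RA-5", "Vulnerability Monitoring and Scanning", "low"),
    Control("AU-10", "Non-repudiation", "high"),
)

# Constructed sample evidence map: control id -> artifacts showing it is met.
# CM-6 deliberately has no evidence so the gap check has something to find.
EVIDENCE = {
    "AC-2": [Evidence("documentation", "policies/account-management.pdf"),
             Evidence("log", "siem/audit/account-changes-2025-Q1.log")],
    "AU-2": [Evidence("configuration", "hosts/auditd.rules")],
    "RA-5": [Evidence("test_result", "scans/vuln-scan-2025-04.csv")],
    "AU-10": [Evidence("documentation", "design/signing-architecture.md")],
}


def select_controls(catalog, impact_level):
    """Return the controls that apply at the chosen impact level; the BoE
    content required is adjusted according to the impact level selected."""
    rank = {lvl: i for i, lvl in enumerate(IMPACT_LEVELS)}
    if impact_level not in rank:
        raise ValueError(f"unknown impact level: {impact_level}")
    return [c for c in catalog if rank[c.min_impact] <= rank[impact_level]]


def build_rvtm(controls, evidence_map):
    """Build the traceability matrix: every selected control maps to the
    evidence that shows it is met (possibly an empty list). Evidence of an
    unrecognised kind is rejected so the matrix stays auditable."""
    rvtm = {}
    for control in controls:
        items = evidence_map.get(control.control_id, [])
        for ev in items:
            if ev.kind not in EVIDENCE_KINDS:
                raise ValueError(
                    f"{control.control_id}: unknown evidence kind {ev.kind!r}")
        rvtm[control.control_id] = list(items)
    return rvtm


def coverage_gaps(rvtm):
    """Selected controls with no evidence at all, sorted by id."""
    return sorted(cid for cid, items in rvtm.items() if not items)


def render_rvtm(controls, rvtm):
    """Plain-text matrix: control, title, and where its evidence lives."""
    lines = [f"{'Control':<8} {'Title':<40} Evidence"]
    for c in controls:
        items = rvtm[c.control_id]
        where = "; ".join(f"{e.kind}:{e.location}" for e in items) or "MISSING"
        lines.append(f"{c.control_id:<8} {c.title:<40} {where}")
    return "\n".join(lines)


if __name__ == "__main__":
    selected = select_controls(CATALOG, "moderate")
    matrix = build_rvtm(selected, EVIDENCE)
    print(render_rvtm(selected, matrix))
    print("gaps:", coverage_gaps(matrix))
```

Raising the impact level to "high" pulls AU-10 into the matrix, which is exactly the "content adjusted according to the impact levels selected" behaviour the CNSSI definition describes; the gap list is the first thing to reconcile before the package goes to the Authorizing Official.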