The IT Law Wiki



An assessment is

[v]erification of a deliverable against a standard using the corresponding method to establish compliance and determine the assurance.[1]


Assessment is

[t]o evaluate the worth, significance, or status of something; especially to give an expert judgment of the value or merit of something.[2]
an evaluation conducted to measure performance and compliance, or to estimate the size, quality or extent of something.[3]
[t]he evaluation and interpretation of measurements and other information to provide a basis for decisionmaking.[4]


the process of combining all intelligence data into a unified, specific judgment; the result of analysis formed within the context of the intelligence environment.[5]


Assessment is

[a] set of activities or actions employed by an assessor to determine the extent to which a security control is implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.[6]
the analysis of indications to determine the likelihood, nature, and potential of a threat.[7]


See also[]