System Security Assessment Report

System Assessment Report For: {System Name}

Version:

Date:

Prepared By:

Overview

Purpose

Scope

Applicable Laws and Regulations

The following laws and regulations are applicable:

Applicable Standards and Guidance

The following standards and guidance are applicable to the organization:

System Overview

System Name

General System Description and Purpose

Security Categorization

Assessment Methodology

Performed Tests

Identification of Vulnerabilities

Consideration of Threats

Performed Risk Analysis

Document Results of Security Testing

This section should include any relevant screenshots.

Security Assessment Results

Non-Conforming Controls

Recommendations (based on the appropriate risk management framework)

Include the following in your report (add sections to the template as needed):

An overview of why the report is being written
A paragraph description of the system
A paragraph outlining the framework governing the enterprise
Major gaps that were found
Remediation that is recommended
A high-level diagram that represents the current state of the system
An equivalent diagram depicting the proper end state

Refer to the “Security Assessment Report (SAR),” within the required readings. This resource provides detailed explanations of each section that should be included within the assessment report.

Must be completed on the template.
