Testing and Review
will perform activities that typically involve both the automated testing of security vulnerabilities via software tools, manual analysis, and the evaluation of particular aspects of the organization’s security policies and practices.
will perform the following assessment activities:
Conduct interviews with key staff to examine management, operational, and technical controls
Examine documentation to ensure adherence to CMS policies and standards
Collect artifacts/evidence that demonstrate the CMS security controls are operating as designed>
Dostları ilə paylaş: |
