{
  "$TMF_VERSION": "1.4",
  "PublicationDateTime": "2021-04-26T00:00:00.000Z",
  "Description": "Profile of requirements corresponding to all LOW impact security controls in NIST Special Publication 800-53, r4, under the control family of Risk Assessment.",
  "Keywords": [
    "800-53",
    "NIST",
    "Risk Assessment",
    "Security",
    "Low"
  ],
  "Issuer": {
    "Identifier": "https://trustmarkinitiative.org/",
    "PrimaryContact": {
      "Email": "help@trustmarkinitiative.org",
      "Telephone": "555-555-5555",
      "Kind": "PRIMARY",
      "WebsiteURL": "https://trustmarkinitiative.org/",
      "Responder": ""
    },
    "Name": "TMI"
  },
  "Sources": [{
    "Identifier": "SP800-53R4",
    "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at <a href=\"http://dx.doi.org/10.6028/NIST.SP.800-53r4\">http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.",
    "$id": "source-2112165102"
  }],
  "Name": "NIST SP 800-53 r4 - Security Control Family: Risk Assessment - Controls for LOW Impact Systems",
  "TrustExpression": "TIP_NISTSP80053r4SecurityControlRA1RiskAssessmentPolicyandProcedures and TIP_NISTSP80053r4SecurityControlRA2SecurityCategorization and TIP_NISTSP80053r4SecurityControlRA3RiskAssessment and TIP_NISTSP80053r4SecurityControlRA5VulnerabilityScanning",
  "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-risk-assessment---controls-for-low-impact-systems/4/",
  "Version": "4",
  "References": {"TrustInteroperabilityProfileReferences": [
    {
      "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ra-1_-risk-assessment-policy-and-procedures/4/",
      "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-1: Risk Assessment Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.",
      "Number": 1,
      "Version": "4",
      "$Type": "TrustInteroperabilityProfileReference",
      "Name": "NIST SP 800-53 r4 Security Control RA-1: Risk Assessment Policy and Procedures",
      "$id": "TIP_NISTSP80053r4SecurityControlRA1RiskAssessmentPolicyandProcedures"
    },
    {
      "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ra-2_-security-categorization/4/",
      "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-2: Security Categorization. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.",
      "Number": 2,
      "Version": "4",
      "$Type": "TrustInteroperabilityProfileReference",
      "Name": "NIST SP 800-53 r4 Security Control RA-2: Security Categorization",
      "$id": "TIP_NISTSP80053r4SecurityControlRA2SecurityCategorization"
    },
    {
      "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ra-3_-risk-assessment/4/",
      "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-3: Risk Assessment. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.",
      "Number": 3,
      "Version": "4",
      "$Type": "TrustInteroperabilityProfileReference",
      "Name": "NIST SP 800-53 r4 Security Control RA-3: Risk Assessment",
      "$id": "TIP_NISTSP80053r4SecurityControlRA3RiskAssessment"
    },
    {
      "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ra-5_-vulnerability-scanning/4/",
      "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control RA-5: Vulnerability Scanning. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.",
      "Number": 4,
      "Version": "4",
      "$Type": "TrustInteroperabilityProfileReference",
      "Name": "NIST SP 800-53 r4 Security Control RA-5: Vulnerability Scanning",
      "$id": "TIP_NISTSP80053r4SecurityControlRA5VulnerabilityScanning"
    }
  ]},
  "Primary": "false",
  "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.",
  "$Type": "TrustInteroperabilityProfile"
}