Significance Determination Process

From kanterella
Jump to navigation Jump to search

The Significance Determination Process (SDP) is the way in which the significance of a failure is judged. Its most directly used in the assessment of a finding when determining the significance color.

The process may be broken down into various topics where details

Cyber Security Specific

Adverse Impact - A direct deleterious effect on a CDA (e.g., loss or impairment of function, reduction in reliability, reduction in ability to detect, delay, assesses or respond to malevolent activities, reduction of ability to call for or communicate

Adequate Detection and Response before adverse impact to the function then Green.

See also