Assessing Security and Privacy Controls: Draft SP 800-53A Revision 5 is Available for Comment

Control assessments are not about checklists, simple pass/fail results, or generating paperwork to pass inspections or audits. The testing and evaluation of controls in a system or organization to determine the extent to which the controls are

Source:: NIST