Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
OSCAL
OSCAL Profiles
FedRAMP Rev 5 High Baseline
CA
CA: Assessment, Authorization, and Monitoring
An OSCAL Group
Details
Subcontrols
16
CA-1 - Policy and Procedures
CA-2 - Control Assessments
3 Subcontrols
CA-2.1 - Independent Assessors
CA-2.2 - Specialized Assessments
CA-2.3 - Leveraging Results from External Organizations
CA-3 - Information Exchange
1 Subcontrol
CA-3.6 - Transfer Authorizations
CA-5 - Plan of Action and Milestones
CA-6 - Authorization
CA-7 - Continuous Monitoring
2 Subcontrols
CA-7.1 - Independent Assessment
CA-7.4 - Risk Monitoring
CA-8 - Penetration Testing
2 Subcontrols
CA-8.1 - Independent Penetration Testing Agent or Team
CA-8.2 - Red Team Exercises
CA-9 - Internal System Connections