NIST 800-171 R-3.12.1
Periodically Assess Security Controls
Official citation: 3.12.1
Class: core · Severity: high
Statement of the obligation — verify against source
3.12.1
What it means
Periodically assess your security controls to determine whether they are implemented correctly and working as intended. Regular assessments confirm that controls remain effective and surface weaknesses to address.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.