KSI-PIY-RISImplementation guide coming soonReviewing Investments in Security
PIY — Policy and Inventory
NIST 800-53: ac-5, ca-2, cp-2.1, cp-4.1, ir-3.2, pm-3, sa-2, sa-3, sr-2.1
- Who this is for
- Cloud service providers
- Service class
- All service classes
- Implementation guidance
- Official source only
- Evidence automation
- Not published
Reviewed implementation guidance for KSI-PIY-RIS is not published yet. The official source below remains complete and authoritative.
Official FedRAMP source
Verbatim from FedRAMP/rules
The effectiveness of the provider's investments in achieving security goals is persistently reviewed.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.