An SSA is carried out by the User to identify any material increase in the security risk since the last time either a FUSA or VUSA was carried out. The assessment focuses on those areas exposed to any material increase in security risks as indicated by a User’s obligation to identify and manage risk (in accordance with G5.14).
How do I prepare?
- Submit the Book an Assessment form for review, in corroboration with the User CIO prior to presentation to the SSC.
- Refer to the list of User questions in the SCF.