The Federal Information Technology Security Assessment Framework has been adopted by the Internal Revenue Service to provide a basis for conducting an evaluation of its cyber security program.
Security Assertions, Criteria, and Metrics Developed for the IRS
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
The Federal Information Technology Security Assessment Framework has been adopted by the Internal Revenue Service to provide a basis for conducting an evaluation of its cyber security program. The criteria contained in the framework have been expanded into security assertions, performance goals and metrics, and establish quantifiable security assessment targets. The goals and metrics are granular to the tasking level and allow for organization budget and tracking efforts.