Browse — Entity Type · Finding

all Data System Network Identity Credential Physical Process Capability Organization Framework Event Metric Vulnerability Threat Control Finding Requirement Role Artifact Unknown

23 terms

TermTypeDefinitionClassificationsUpdated

assessed risknounA detected and evaluated risk. An assessed risk of material misstatement at the assertion level is a significant risk.FindingRegulatedMay 12, 2026

Assessment FindingsnounAssessment results produced by the application of an assessment procedure to a security control or control enhancement to achieve an assessment objective; the execution of a determination statement within an assessment procedure by an assessor that results in either a satisfied or other than satisfied condition.FindingRestrictedCUIMay 9, 2026

audit findingnounThe documented conclusion reached as a result of an official inspection of an organization’s accounts or other item or process being audited, typically by an independent body.FindingRegulatedMay 12, 2026

compliance violation is detectednounThis Triggering Event takes place when the condition of someone or something does not conform to the documented policies and standards has been discovered.FindingRegulatedMay 9, 2026

conclusionnounA position or opinion or judgment reached after consideration.FindingMay 9, 2026

conformancenounCompliance with standards, rules, or laws.FindingMay 12, 2026

deficiencynounA failing, shortcoming, or lack of an adequate quantity or number.FindingMay 12, 2026

deviatenounTurn aside; turn away from.FindingRegulatedMay 9, 2026

deviationnounA variation that departs from the standard or norm.FindingRegulatedMay 12, 2026

emerging issuenounA known topic or problem that is changing or a topic or problem that most people are not aware of.FindingMay 9, 2026

errornounA defect in function or structure; deviation from what is correct.FindingMay 12, 2026

findingnounSomething discovered as a result of an inquiry or investigation.FindingRegulatedMay 9, 2026

identified risknounAn observed threat to a process or asset.FindingMay 12, 2026

issuenounAn important question, point, or problem to be disputed, discussed, or decided.FindingMay 12, 2026

missing security updatenounA security update that has not been implemented.FindingInternalMay 12, 2026

negligencenounFailure to take proper care of something.FindingMay 9, 2026

non-compliancenounThe failure to achieve performance criteria of a regulation or authority.FindingRegulatedMay 9, 2026

non-compliance informationnounInformation regarding a failure to act in accordance with applicable standards and regulations.FindingRegulatedCUIMay 9, 2026

omissionnounSomeone or something that has been left out or excluded.FindingMay 9, 2026

Open StoragenounAny storage of classified national security information outside of approved containers. This includes classified information that is resident on information systems media and outside of an approved storage container, regardless of whether or not that media is in use (i.e., unattended operations).FindingRegulatedCUIMay 9, 2026

problemnounAn underlying cause for one or more incidents.FindingMay 9, 2026

recommendationnounA proposal for the best course of action.FindingRegulatedMay 12, 2026

resultnounA consequence, effect, or outcome of something.FindingMay 9, 2026