Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >SP 800-53
  3. >Risk Assessment
  4. >SP800-53-RA-5(4)
SP800-53-RA-5(4)Active

Discoverable Information

Statement

Determine information about the system that is discoverable and take corrective actions.

Location

Control Family
Risk Assessment

Control Details

Identifier
SP800-53-RA-5(4)
Family
RA
Parent Control
SP800-53-RA-5

Organisation-Defined Parameters

ra-05.04_odp
corrective actions

Supplemental Guidance

Discoverable information includes information that adversaries could obtain without compromising or breaching the system, such as by collecting information that the system is exposing or by conducting extensive web searches. Corrective actions include notifying appropriate organizational personnel, removing designated information, or changing the system to make the designated information less relevant or attractive to adversaries. This enhancement excludes intentionally discoverable information that may be part of a decoy capability (e.g., honeypots, honeynets, or deception nets) deployed by the organization.

Assessment Objective

information about the system is discoverable; corrective actions are taken when information about the system is confirmed as discoverable.

No cross-framework mappings available

← Back to Risk Assessment
Risk Assessment26 controls
SP800-53-RA-1Policy and ProceduresSP800-53-RA-2Security CategorizationSP800-53-RA-2(1)Impact-level PrioritizationSP800-53-RA-3Risk AssessmentSP800-53-RA-3(1)Supply Chain Risk AssessmentSP800-53-RA-3(2)Use of All-source IntelligenceSP800-53-RA-3(3)Dynamic Threat AwarenessSP800-53-RA-3(4)Predictive Cyber AnalyticsSP800-53-RA-4Risk Assessment UpdateSP800-53-RA-5Vulnerability Monitoring and ScanningSP800-53-RA-5(1)Update Tool CapabilitySP800-53-RA-5(2)Update Vulnerabilities to Be ScannedSP800-53-RA-5(3)Breadth and Depth of CoverageSP800-53-RA-5(4)Discoverable InformationSP800-53-RA-5(5)Privileged AccessSP800-53-RA-5(6)Automated Trend AnalysesSP800-53-RA-5(7)Automated Detection and Notification of Unauthorized ComponentsSP800-53-RA-5(8)Review Historic Audit LogsSP800-53-RA-5(9)Penetration Testing and AnalysesSP800-53-RA-5(10)Correlate Scanning InformationSP800-53-RA-5(11)Public Disclosure ProgramSP800-53-RA-6Technical Surveillance Countermeasures SurveySP800-53-RA-7Risk ResponseSP800-53-RA-8Privacy Impact AssessmentsSP800-53-RA-9Criticality AnalysisSP800-53-RA-10Threat Hunting