Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >SP 800-53
  3. >Risk Assessment
  4. >SP800-53-RA-7
SP800-53-RA-7Active

Risk Response

Statement

Respond to findings from security and privacy assessments, monitoring, and audits in accordance with organizational risk tolerance.

Location

Control Family
Risk Assessment

Control Details

Identifier
SP800-53-RA-7
Family
RA

Supplemental Guidance

Organizations have many options for responding to risk including mitigating risk by implementing new controls or strengthening existing controls, accepting risk with appropriate justification or rationale, sharing or transferring risk, or avoiding risk. The risk tolerance of the organization influences risk response decisions and actions. Risk response addresses the need to determine an appropriate response to risk before generating a plan of action and milestones entry. For example, the response may be to accept risk or reject risk, or it may be possible to mitigate the risk immediately so that a plan of action and milestones entry is not needed. However, if the risk response is to mitigate the risk, and the mitigation cannot be completed immediately, a plan of action and milestones entry is generated.

Assessment Objective

findings from security assessments are responded to in accordance with organizational risk tolerance; findings from privacy assessments are responded to in accordance with organizational risk tolerance; findings from monitoring are responded to in accordance with organizational risk tolerance; findings from audits are responded to in accordance with organizational risk tolerance.

No cross-framework mappings available

← Back to Risk Assessment
Risk Assessment26 controls
SP800-53-RA-1Policy and ProceduresSP800-53-RA-2Security CategorizationSP800-53-RA-2(1)Impact-level PrioritizationSP800-53-RA-3Risk AssessmentSP800-53-RA-3(1)Supply Chain Risk AssessmentSP800-53-RA-3(2)Use of All-source IntelligenceSP800-53-RA-3(3)Dynamic Threat AwarenessSP800-53-RA-3(4)Predictive Cyber AnalyticsSP800-53-RA-4Risk Assessment UpdateSP800-53-RA-5Vulnerability Monitoring and ScanningSP800-53-RA-5(1)Update Tool CapabilitySP800-53-RA-5(2)Update Vulnerabilities to Be ScannedSP800-53-RA-5(3)Breadth and Depth of CoverageSP800-53-RA-5(4)Discoverable InformationSP800-53-RA-5(5)Privileged AccessSP800-53-RA-5(6)Automated Trend AnalysesSP800-53-RA-5(7)Automated Detection and Notification of Unauthorized ComponentsSP800-53-RA-5(8)Review Historic Audit LogsSP800-53-RA-5(9)Penetration Testing and AnalysesSP800-53-RA-5(10)Correlate Scanning InformationSP800-53-RA-5(11)Public Disclosure ProgramSP800-53-RA-6Technical Surveillance Countermeasures SurveySP800-53-RA-7Risk ResponseSP800-53-RA-8Privacy Impact AssessmentsSP800-53-RA-9Criticality AnalysisSP800-53-RA-10Threat Hunting