Security Assessment Report (SAR)

In the Federal Risk and Authorization Management Program, a Security Assessment Report (SAR) records the results of an independent evaluation of a cloud service provider's system, detailing the implementation of required security controls, identified vulnerabilities, and remediation actions, and serves as a key artifact for obtaining and maintaining authorization to operate.