Ability to assesses a security plan to help ensure that the plan provides a set of security controls for the system that meet the stated security requirements.