Master Assessment Datasheet
The organization being inspected/assessed documents in the security plan, essential capabilities which the information system must provide. The organization being inspected/assessed configures the information system to provide only those documented essential capabilities.
The organization conducting the inspection/assessment obtains and examines the security plan to ensure the organization being inspected/assessed has identified essential capabilities. The organization conducting the inspection/assessment inspects the information system to ensure that it provides only those documented essential capabilities.
DISA Compelling Evidence
1) SSP (ref capabilities section)