From 851c296c7bf92853bb77ba77b36a9c9f5364e005 Mon Sep 17 00:00:00 2001
From: Wendell Piez <wendell.piez@nist.gov>
Date: Mon, 17 Oct 2022 14:55:29 -0400
Subject: [PATCH] Correcting validation error

---
 .../rev5/xml/NIST_SP-800-53_rev5_catalog.xml  | 7338 ++++++++---------
 .../rev5/xml/oscal-objectives-enhance.xsl     |   38 +-
 2 files changed, 3696 insertions(+), 3680 deletions(-)

diff --git a/src/nist.gov/SP800-53/rev5/xml/NIST_SP-800-53_rev5_catalog.xml b/src/nist.gov/SP800-53/rev5/xml/NIST_SP-800-53_rev5_catalog.xml
index ac3cdbc4..664c6259 100644
--- a/src/nist.gov/SP800-53/rev5/xml/NIST_SP-800-53_rev5_catalog.xml
+++ b/src/nist.gov/SP800-53/rev5/xml/NIST_SP-800-53_rev5_catalog.xml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<catalog xmlns="http://csrc.nist.gov/ns/oscal/1.0" uuid="7eb446a5-bee6-4e8a-8ed5-87bf5b549749">
+<catalog xmlns="http://csrc.nist.gov/ns/oscal/1.0" uuid="6ab361ff-dc73-41f0-a594-c7087b236af8">
   <metadata>
     <title>Electronic Version of NIST SP 800-53 Rev 5 Controls and SP 800-53A Rev 5 Assessment Procedures</title>
-    <last-modified>2022-10-17T14:09:23.7475009-04:00</last-modified>
+    <last-modified>2022-10-17T14:53:10.1520111-04:00</last-modified>
     <version>5.2.3</version>
     <oscal-version>1.0.0</oscal-version>
     <prop name="keywords" value="Assessment, assessment plan, assurance, availability, computer security, confidentiality, control, control assessment, cybersecurity, FISMA, information security, information system, integrity, personally identifiable information, OSCAL, Open Security Controls Assessment Language, Privacy Act, privacy controls, privacy functions, privacy requirements, Risk Management Framework, security controls, security functions, security requirements, system, system security"/>
@@ -165,116 +165,116 @@
       </part>
       <part id="ac-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-01"/>
-        <link rel="depends-on" href="#ac-1_smt"/>
         <part id="ac-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-01a."/>
-          <link rel="depends-on" href="#ac-1_smt.a"/>
           <part id="ac-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-01a.[01]"/>
-            <link rel="depends-on" href="#ac-1_smt.a"/>
             <p>an access control policy is developed and documented;</p>
+            <link rel="depends-on" href="#ac-1_smt.a"/>
           </part>
           <part id="ac-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-01a.[02]"/>
-            <link rel="depends-on" href="#ac-1_smt.a"/>
             <p>the access control policy is disseminated to <insert type="param" id-ref="ac-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ac-1_smt.a"/>
           </part>
           <part id="ac-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-01a.[03]"/>
-            <link rel="depends-on" href="#ac-1_smt.a"/>
             <p>access control procedures to facilitate the implementation of the access control policy and associated controls are developed and documented;</p>
+            <link rel="depends-on" href="#ac-1_smt.a"/>
           </part>
           <part id="ac-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-01a.[04]"/>
-            <link rel="depends-on" href="#ac-1_smt.a"/>
             <p>the access control procedures are disseminated to <insert type="param" id-ref="ac-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ac-1_smt.a"/>
           </part>
           <part id="ac-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-01a.01"/>
-            <link rel="depends-on" href="#ac-1_smt.a.1"/>
             <part id="ac-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-01a.01(a)"/>
-              <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               <part id="ac-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy addresses purpose;</p>
+                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               </part>
               <part id="ac-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy addresses scope;</p>
+                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               </part>
               <part id="ac-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy addresses roles;</p>
+                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               </part>
               <part id="ac-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               </part>
               <part id="ac-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy addresses management commitment;</p>
+                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               </part>
               <part id="ac-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               </part>
               <part id="ac-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy addresses compliance;</p>
+                <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#ac-1_smt.a.1.a"/>
             </part>
             <part id="ac-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-01a.01(b)"/>
-              <link rel="depends-on" href="#ac-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="ac-01_odp.03"/> access control policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#ac-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#ac-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#ac-1_smt.a"/>
         </part>
         <part id="ac-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-01b."/>
-          <link rel="depends-on" href="#ac-1_smt.b"/>
           <p>the <insert type="param" id-ref="ac-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the access control policy and procedures;</p>
+          <link rel="depends-on" href="#ac-1_smt.b"/>
         </part>
         <part id="ac-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-01c."/>
-          <link rel="depends-on" href="#ac-1_smt.c"/>
           <part id="ac-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-01c.01"/>
-            <link rel="depends-on" href="#ac-1_smt.c.1"/>
             <part id="ac-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-01c.01[01]"/>
-              <link rel="depends-on" href="#ac-1_smt.c.1"/>
               <p>the current access control policy is reviewed and updated <insert type="param" id-ref="ac-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#ac-1_smt.c.1"/>
             </part>
             <part id="ac-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-01c.01[02]"/>
-              <link rel="depends-on" href="#ac-1_smt.c.1"/>
               <p>the current access control policy is reviewed and updated following <insert type="param" id-ref="ac-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#ac-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#ac-1_smt.c.1"/>
           </part>
           <part id="ac-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-01c.02"/>
-            <link rel="depends-on" href="#ac-1_smt.c.2"/>
             <part id="ac-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-01c.02[01]"/>
-              <link rel="depends-on" href="#ac-1_smt.c.2"/>
               <p>the current access control procedures are reviewed and updated <insert type="param" id-ref="ac-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#ac-1_smt.c.2"/>
             </part>
             <part id="ac-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-01c.02[02]"/>
-              <link rel="depends-on" href="#ac-1_smt.c.2"/>
               <p>the current access control procedures are reviewed and updated following <insert type="param" id-ref="ac-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#ac-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#ac-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ac-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ac-1_smt"/>
       </part>
       <part id="ac-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -505,169 +505,169 @@
       </part>
       <part id="ac-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-02"/>
-        <link rel="depends-on" href="#ac-2_smt"/>
         <part id="ac-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02a."/>
-          <link rel="depends-on" href="#ac-2_smt.a"/>
           <part id="ac-2_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02a.[01]"/>
-            <link rel="depends-on" href="#ac-2_smt.a"/>
             <p>account types allowed for use within the system are defined and documented;</p>
+            <link rel="depends-on" href="#ac-2_smt.a"/>
           </part>
           <part id="ac-2_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02a.[02]"/>
-            <link rel="depends-on" href="#ac-2_smt.a"/>
             <p>account types specifically prohibited for use within the system are defined and documented;</p>
+            <link rel="depends-on" href="#ac-2_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ac-2_smt.a"/>
         </part>
         <part id="ac-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02b."/>
-          <link rel="depends-on" href="#ac-2_smt.b"/>
           <p>account managers are assigned;</p>
+          <link rel="depends-on" href="#ac-2_smt.b"/>
         </part>
         <part id="ac-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02c."/>
-          <link rel="depends-on" href="#ac-2_smt.c"/>
           <p><insert type="param" id-ref="ac-02_odp.01"/> for group and role membership are required;</p>
+          <link rel="depends-on" href="#ac-2_smt.c"/>
         </part>
         <part id="ac-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02d."/>
-          <link rel="depends-on" href="#ac-2_smt.d"/>
           <part id="ac-2_obj.d.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02d.01"/>
-            <link rel="depends-on" href="#ac-2_smt.d.1"/>
             <p>authorized users of the system are specified;</p>
+            <link rel="depends-on" href="#ac-2_smt.d.1"/>
           </part>
           <part id="ac-2_obj.d.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02d.02"/>
-            <link rel="depends-on" href="#ac-2_smt.d.2"/>
             <p>group and role membership are specified;</p>
+            <link rel="depends-on" href="#ac-2_smt.d.2"/>
           </part>
           <part id="ac-2_obj.d.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02d.03"/>
-            <link rel="depends-on" href="#ac-2_smt.d.3"/>
             <part id="ac-2_obj.d.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-02d.03[01]"/>
-              <link rel="depends-on" href="#ac-2_smt.d.3"/>
               <p>access authorizations (i.e., privileges) are specified for each account;</p>
+              <link rel="depends-on" href="#ac-2_smt.d.3"/>
             </part>
             <part id="ac-2_obj.d.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-02d.03[02]"/>
-              <link rel="depends-on" href="#ac-2_smt.d.3"/>
               <p><insert type="param" id-ref="ac-02_odp.02"/> are specified for each account;</p>
+              <link rel="depends-on" href="#ac-2_smt.d.3"/>
             </part>
+            <link rel="depends-on" href="#ac-2_smt.d.3"/>
           </part>
+          <link rel="depends-on" href="#ac-2_smt.d"/>
         </part>
         <part id="ac-2_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02e."/>
-          <link rel="depends-on" href="#ac-2_smt.e"/>
           <p>approvals are required by <insert type="param" id-ref="ac-02_odp.03"/> for requests to create accounts;</p>
+          <link rel="depends-on" href="#ac-2_smt.e"/>
         </part>
         <part id="ac-2_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02f."/>
-          <link rel="depends-on" href="#ac-2_smt.f"/>
           <part id="ac-2_obj.f-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02f.[01]"/>
-            <link rel="depends-on" href="#ac-2_smt.f"/>
             <p>accounts are created in accordance with <insert type="param" id-ref="ac-02_odp.04"/>;</p>
+            <link rel="depends-on" href="#ac-2_smt.f"/>
           </part>
           <part id="ac-2_obj.f-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02f.[02]"/>
-            <link rel="depends-on" href="#ac-2_smt.f"/>
             <p>accounts are enabled in accordance with <insert type="param" id-ref="ac-02_odp.04"/>;</p>
+            <link rel="depends-on" href="#ac-2_smt.f"/>
           </part>
           <part id="ac-2_obj.f-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02f.[03]"/>
-            <link rel="depends-on" href="#ac-2_smt.f"/>
             <p>accounts are modified in accordance with <insert type="param" id-ref="ac-02_odp.04"/>;</p>
+            <link rel="depends-on" href="#ac-2_smt.f"/>
           </part>
           <part id="ac-2_obj.f-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02f.[04]"/>
-            <link rel="depends-on" href="#ac-2_smt.f"/>
             <p>accounts are disabled in accordance with <insert type="param" id-ref="ac-02_odp.04"/>;</p>
+            <link rel="depends-on" href="#ac-2_smt.f"/>
           </part>
           <part id="ac-2_obj.f-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02f.[05]"/>
-            <link rel="depends-on" href="#ac-2_smt.f"/>
             <p>accounts are removed in accordance with <insert type="param" id-ref="ac-02_odp.04"/>;</p>
+            <link rel="depends-on" href="#ac-2_smt.f"/>
           </part>
+          <link rel="depends-on" href="#ac-2_smt.f"/>
         </part>
         <part id="ac-2_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02g."/>
-          <link rel="depends-on" href="#ac-2_smt.g"/>
           <p>the use of accounts is monitored; </p>
+          <link rel="depends-on" href="#ac-2_smt.g"/>
         </part>
         <part id="ac-2_obj.h" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02h."/>
-          <link rel="depends-on" href="#ac-2_smt.h"/>
           <part id="ac-2_obj.h.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02h.01"/>
-            <link rel="depends-on" href="#ac-2_smt.h.1"/>
             <p>account managers and <insert type="param" id-ref="ac-02_odp.05"/> are notified within <insert type="param" id-ref="ac-02_odp.06"/> when accounts are no longer required;</p>
+            <link rel="depends-on" href="#ac-2_smt.h.1"/>
           </part>
           <part id="ac-2_obj.h.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02h.02"/>
-            <link rel="depends-on" href="#ac-2_smt.h.2"/>
             <p>account managers and <insert type="param" id-ref="ac-02_odp.05"/> are notified within <insert type="param" id-ref="ac-02_odp.07"/> when users are terminated or transferred;</p>
+            <link rel="depends-on" href="#ac-2_smt.h.2"/>
           </part>
           <part id="ac-2_obj.h.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02h.03"/>
-            <link rel="depends-on" href="#ac-2_smt.h.3"/>
             <p>account managers and <insert type="param" id-ref="ac-02_odp.05"/> are notified within <insert type="param" id-ref="ac-02_odp.08"/> when system usage or the need to know changes for an individual;</p>
+            <link rel="depends-on" href="#ac-2_smt.h.3"/>
           </part>
+          <link rel="depends-on" href="#ac-2_smt.h"/>
         </part>
         <part id="ac-2_obj.i" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02i."/>
-          <link rel="depends-on" href="#ac-2_smt.i"/>
           <part id="ac-2_obj.i.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02i.01"/>
-            <link rel="depends-on" href="#ac-2_smt.i.1"/>
             <p>access to the system is authorized based on a valid access authorization;</p>
+            <link rel="depends-on" href="#ac-2_smt.i.1"/>
           </part>
           <part id="ac-2_obj.i.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02i.02"/>
-            <link rel="depends-on" href="#ac-2_smt.i.2"/>
             <p>access to the system is authorized based on intended system usage;</p>
+            <link rel="depends-on" href="#ac-2_smt.i.2"/>
           </part>
           <part id="ac-2_obj.i.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02i.03"/>
-            <link rel="depends-on" href="#ac-2_smt.i.3"/>
             <p>access to the system is authorized based on <insert type="param" id-ref="ac-02_odp.09"/>;</p>
+            <link rel="depends-on" href="#ac-2_smt.i.3"/>
           </part>
+          <link rel="depends-on" href="#ac-2_smt.i"/>
         </part>
         <part id="ac-2_obj.j" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02j."/>
-          <link rel="depends-on" href="#ac-2_smt.j"/>
           <p>accounts are reviewed for compliance with account management requirements <insert type="param" id-ref="ac-02_odp.10"/>;</p>
+          <link rel="depends-on" href="#ac-2_smt.j"/>
         </part>
         <part id="ac-2_obj.k" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02k."/>
-          <link rel="depends-on" href="#ac-2_smt.k"/>
           <part id="ac-2_obj.k-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02k.[01]"/>
-            <link rel="depends-on" href="#ac-2_smt.k"/>
             <p>a process is established for changing shared or group account authenticators (if deployed) when individuals are removed from the group;</p>
+            <link rel="depends-on" href="#ac-2_smt.k"/>
           </part>
           <part id="ac-2_obj.k-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02k.[02]"/>
-            <link rel="depends-on" href="#ac-2_smt.k"/>
             <p>a process is implemented for changing shared or group account authenticators (if deployed) when individuals are removed from the group;</p>
+            <link rel="depends-on" href="#ac-2_smt.k"/>
           </part>
+          <link rel="depends-on" href="#ac-2_smt.k"/>
         </part>
         <part id="ac-2_obj.l" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02l."/>
-          <link rel="depends-on" href="#ac-2_smt.l"/>
           <part id="ac-2_obj.l-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02l.[01]"/>
-            <link rel="depends-on" href="#ac-2_smt.l"/>
             <p>account management processes are aligned with personnel termination processes;</p>
+            <link rel="depends-on" href="#ac-2_smt.l"/>
           </part>
           <part id="ac-2_obj.l-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02l.[02]"/>
-            <link rel="depends-on" href="#ac-2_smt.l"/>
             <p>account management processes are aligned with personnel transfer processes.</p>
+            <link rel="depends-on" href="#ac-2_smt.l"/>
           </part>
+          <link rel="depends-on" href="#ac-2_smt.l"/>
         </part>
+        <link rel="depends-on" href="#ac-2_smt"/>
       </part>
       <part id="ac-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -732,8 +732,8 @@
         </part>
         <part id="ac-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(01)"/>
-          <link rel="depends-on" href="#ac-2.1_smt"/>
           <p>the management of system accounts is supported using <insert type="param" id-ref="ac-02.01_odp"/>.</p>
+          <link rel="depends-on" href="#ac-2.1_smt"/>
         </part>
         <part id="ac-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -798,8 +798,8 @@
         </part>
         <part id="ac-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(02)"/>
-          <link rel="depends-on" href="#ac-2.2_smt"/>
           <p>temporary and emergency accounts are automatically <insert type="param" id-ref="ac-02.02_odp.01"/> after <insert type="param" id-ref="ac-02.02_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-2.2_smt"/>
         </part>
         <part id="ac-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -881,27 +881,27 @@
         </part>
         <part id="ac-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(03)"/>
-          <link rel="depends-on" href="#ac-2.3_smt"/>
           <part id="ac-2.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(03)(a)"/>
-            <link rel="depends-on" href="#ac-2.3_smt.a"/>
             <p>accounts are disabled within <insert type="param" id-ref="ac-02.03_odp.01"/> when the accounts have expired;</p>
+            <link rel="depends-on" href="#ac-2.3_smt.a"/>
           </part>
           <part id="ac-2.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(03)(b)"/>
-            <link rel="depends-on" href="#ac-2.3_smt.b"/>
             <p>accounts are disabled within <insert type="param" id-ref="ac-02.03_odp.01"/> when the accounts are no longer associated with a user or individual;</p>
+            <link rel="depends-on" href="#ac-2.3_smt.b"/>
           </part>
           <part id="ac-2.3_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(03)(c)"/>
-            <link rel="depends-on" href="#ac-2.3_smt.c"/>
             <p>accounts are disabled within <insert type="param" id-ref="ac-02.03_odp.01"/> when the accounts are in violation of organizational policy;</p>
+            <link rel="depends-on" href="#ac-2.3_smt.c"/>
           </part>
           <part id="ac-2.3_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(03)(d)"/>
-            <link rel="depends-on" href="#ac-2.3_smt.d"/>
             <p>accounts are disabled within <insert type="param" id-ref="ac-02.03_odp.01"/> when the accounts have been inactive for <insert type="param" id-ref="ac-02.03_odp.02"/>.</p>
+            <link rel="depends-on" href="#ac-2.3_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ac-2.3_smt"/>
         </part>
         <part id="ac-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -954,32 +954,32 @@
         </part>
         <part id="ac-2.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(04)"/>
-          <link rel="depends-on" href="#ac-2.4_smt"/>
           <part id="ac-2.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(04)[01]"/>
-            <link rel="depends-on" href="#ac-2.4_smt"/>
             <p>account creation is automatically audited;</p>
+            <link rel="depends-on" href="#ac-2.4_smt"/>
           </part>
           <part id="ac-2.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(04)[02]"/>
-            <link rel="depends-on" href="#ac-2.4_smt"/>
             <p>account modification is automatically audited;</p>
+            <link rel="depends-on" href="#ac-2.4_smt"/>
           </part>
           <part id="ac-2.4_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(04)[03]"/>
-            <link rel="depends-on" href="#ac-2.4_smt"/>
             <p>account enabling is automatically audited;</p>
+            <link rel="depends-on" href="#ac-2.4_smt"/>
           </part>
           <part id="ac-2.4_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(04)[04]"/>
-            <link rel="depends-on" href="#ac-2.4_smt"/>
             <p>account disabling is automatically audited;</p>
+            <link rel="depends-on" href="#ac-2.4_smt"/>
           </part>
           <part id="ac-2.4_obj-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(04)[05]"/>
-            <link rel="depends-on" href="#ac-2.4_smt"/>
             <p>account removal actions are automatically audited.</p>
+            <link rel="depends-on" href="#ac-2.4_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-2.4_smt"/>
         </part>
         <part id="ac-2.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1037,8 +1037,8 @@
         </part>
         <part id="ac-2.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(05)"/>
-          <link rel="depends-on" href="#ac-2.5_smt"/>
           <p>users are required to log out when <insert type="param" id-ref="ac-02.05_odp"/>.</p>
+          <link rel="depends-on" href="#ac-2.5_smt"/>
         </part>
         <part id="ac-2.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1089,8 +1089,8 @@
         </part>
         <part id="ac-2.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(06)"/>
-          <link rel="depends-on" href="#ac-2.6_smt"/>
           <p><insert type="param" id-ref="ac-02.06_odp"/> are implemented.</p>
+          <link rel="depends-on" href="#ac-2.6_smt"/>
         </part>
         <part id="ac-2.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1162,27 +1162,27 @@
         </part>
         <part id="ac-2.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(07)"/>
-          <link rel="depends-on" href="#ac-2.7_smt"/>
           <part id="ac-2.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(07)(a)"/>
-            <link rel="depends-on" href="#ac-2.7_smt.a"/>
             <p>privileged user accounts are established and administered in accordance with <insert type="param" id-ref="ac-02.07_odp"/>;</p>
+            <link rel="depends-on" href="#ac-2.7_smt.a"/>
           </part>
           <part id="ac-2.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(07)(b)"/>
-            <link rel="depends-on" href="#ac-2.7_smt.b"/>
             <p>privileged role or attribute assignments are monitored;</p>
+            <link rel="depends-on" href="#ac-2.7_smt.b"/>
           </part>
           <part id="ac-2.7_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(07)(c)"/>
-            <link rel="depends-on" href="#ac-2.7_smt.c"/>
             <p>changes to roles or attributes are monitored;</p>
+            <link rel="depends-on" href="#ac-2.7_smt.c"/>
           </part>
           <part id="ac-2.7_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(07)(d)"/>
-            <link rel="depends-on" href="#ac-2.7_smt.d"/>
             <p>access is revoked when privileged role or attribute assignments are no longer appropriate.</p>
+            <link rel="depends-on" href="#ac-2.7_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ac-2.7_smt"/>
         </part>
         <part id="ac-2.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1243,27 +1243,27 @@
         </part>
         <part id="ac-2.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(08)"/>
-          <link rel="depends-on" href="#ac-2.8_smt"/>
           <part id="ac-2.8_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(08)[01]"/>
-            <link rel="depends-on" href="#ac-2.8_smt"/>
             <p><insert type="param" id-ref="ac-02.08_odp"/> are created dynamically;</p>
+            <link rel="depends-on" href="#ac-2.8_smt"/>
           </part>
           <part id="ac-2.8_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(08)[02]"/>
-            <link rel="depends-on" href="#ac-2.8_smt"/>
             <p><insert type="param" id-ref="ac-02.08_odp"/> are activated dynamically;</p>
+            <link rel="depends-on" href="#ac-2.8_smt"/>
           </part>
           <part id="ac-2.8_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(08)[03]"/>
-            <link rel="depends-on" href="#ac-2.8_smt"/>
             <p><insert type="param" id-ref="ac-02.08_odp"/> are managed dynamically;</p>
+            <link rel="depends-on" href="#ac-2.8_smt"/>
           </part>
           <part id="ac-2.8_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(08)[04]"/>
-            <link rel="depends-on" href="#ac-2.8_smt"/>
             <p><insert type="param" id-ref="ac-02.08_odp"/> are deactivated dynamically.</p>
+            <link rel="depends-on" href="#ac-2.8_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-2.8_smt"/>
         </part>
         <part id="ac-2.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1321,8 +1321,8 @@
         </part>
         <part id="ac-2.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(09)"/>
-          <link rel="depends-on" href="#ac-2.9_smt"/>
           <p>the use of shared and group accounts is only permitted if <insert type="param" id-ref="ac-02.09_odp"/> are met.</p>
+          <link rel="depends-on" href="#ac-2.9_smt"/>
         </part>
         <part id="ac-2.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1394,8 +1394,8 @@
         </part>
         <part id="ac-2.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(11)"/>
-          <link rel="depends-on" href="#ac-2.11_smt"/>
           <p><insert type="param" id-ref="ac-02.11_odp.01"/> for <insert type="param" id-ref="ac-02.11_odp.02"/> are enforced.</p>
+          <link rel="depends-on" href="#ac-2.11_smt"/>
         </part>
         <part id="ac-2.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1473,17 +1473,17 @@
         </part>
         <part id="ac-2.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(12)"/>
-          <link rel="depends-on" href="#ac-2.12_smt"/>
           <part id="ac-2.12_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(12)(a)"/>
-            <link rel="depends-on" href="#ac-2.12_smt.a"/>
             <p>system accounts are monitored for <insert type="param" id-ref="ac-02.12_odp.01"/>; </p>
+            <link rel="depends-on" href="#ac-2.12_smt.a"/>
           </part>
           <part id="ac-2.12_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-02(12)(b)"/>
-            <link rel="depends-on" href="#ac-2.12_smt.b"/>
             <p>atypical usage of system accounts is reported to <insert type="param" id-ref="ac-02.12_odp.02"/>.</p>
+            <link rel="depends-on" href="#ac-2.12_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-2.12_smt"/>
         </part>
         <part id="ac-2.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1552,8 +1552,8 @@
         </part>
         <part id="ac-2.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-02(13)"/>
-          <link rel="depends-on" href="#ac-2.13_smt"/>
           <p>accounts of individuals are disabled within <insert type="param" id-ref="ac-02.13_odp.01"/> of discovery of <insert type="param" id-ref="ac-02.13_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-2.13_smt"/>
         </part>
         <part id="ac-2.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1653,8 +1653,8 @@
       </part>
       <part id="ac-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-03"/>
-        <link rel="depends-on" href="#ac-3_smt"/>
         <p>approved authorizations for logical access to information and system resources are enforced in accordance with applicable access control policies.</p>
+        <link rel="depends-on" href="#ac-3_smt"/>
       </part>
       <part id="ac-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1722,8 +1722,8 @@
         </part>
         <part id="ac-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(02)"/>
-          <link rel="depends-on" href="#ac-3.2_smt"/>
           <p>dual authorization is enforced for <insert type="param" id-ref="ac-03.02_odp"/>.</p>
+          <link rel="depends-on" href="#ac-3.2_smt"/>
         </part>
         <part id="ac-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1842,65 +1842,65 @@
         </part>
         <part id="ac-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(03)"/>
-          <link rel="depends-on" href="#ac-3.3_smt"/>
           <part id="ac-3.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(03)[01]"/>
-            <link rel="depends-on" href="#ac-3.3_smt"/>
             <p><insert type="param" id-ref="ac-03.03_odp.01"/> is enforced over the set of covered subjects specified in the policy;</p>
+            <link rel="depends-on" href="#ac-3.3_smt"/>
           </part>
           <part id="ac-3.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(03)[02]"/>
-            <link rel="depends-on" href="#ac-3.3_smt"/>
             <p><insert type="param" id-ref="ac-03.03_odp.02"/> is enforced over the set of covered objects specified in the policy;</p>
+            <link rel="depends-on" href="#ac-3.3_smt"/>
           </part>
           <part id="ac-3.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(03)(a)"/>
-            <link rel="depends-on" href="#ac-3.3_smt.a"/>
             <part id="ac-3.3_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(03)(a)[01]"/>
-              <link rel="depends-on" href="#ac-3.3_smt.a"/>
               <p><insert type="param" id-ref="ac-03.03_odp.01"/> is uniformly enforced across the covered subjects within the system;</p>
+              <link rel="depends-on" href="#ac-3.3_smt.a"/>
             </part>
             <part id="ac-3.3_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(03)(a)[02]"/>
-              <link rel="depends-on" href="#ac-3.3_smt.a"/>
               <p><insert type="param" id-ref="ac-03.03_odp.02"/> is uniformly enforced across the covered objects within the system;</p>
+              <link rel="depends-on" href="#ac-3.3_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ac-3.3_smt.a"/>
           </part>
           <part id="ac-3.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(03)(b)"/>
-            <link rel="depends-on" href="#ac-3.3_smt.b"/>
             <part id="ac-3.3_obj.b.1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(03)(b)(01)"/>
-              <link rel="depends-on" href="#ac-3.3_smt.b.1"/>
               <p><insert type="param" id-ref="ac-03.03_odp.01"/> and <insert type="param" id-ref="ac-03.03_odp.02"/> specifying that a subject that has been granted access to information is constrained from passing the information to unauthorized subjects or objects are enforced;</p>
+              <link rel="depends-on" href="#ac-3.3_smt.b.1"/>
             </part>
             <part id="ac-3.3_obj.b.2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(03)(b)(02)"/>
-              <link rel="depends-on" href="#ac-3.3_smt.b.2"/>
               <p><insert type="param" id-ref="ac-03.03_odp.01"/> and <insert type="param" id-ref="ac-03.03_odp.02"/> specifying that a subject that has been granted access to information is constrained from granting its privileges to other subjects are enforced;</p>
+              <link rel="depends-on" href="#ac-3.3_smt.b.2"/>
             </part>
             <part id="ac-3.3_obj.b.3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(03)(b)(03)"/>
-              <link rel="depends-on" href="#ac-3.3_smt.b.3"/>
               <p><insert type="param" id-ref="ac-03.03_odp.01"/> and <insert type="param" id-ref="ac-03.03_odp.02"/> specifying that a subject that has been granted access to information is constrained from changing one of more security attributes (specified by the policy) on subjects, objects, the system, or system components are enforced;</p>
+              <link rel="depends-on" href="#ac-3.3_smt.b.3"/>
             </part>
             <part id="ac-3.3_obj.b.4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(03)(b)(04)"/>
-              <link rel="depends-on" href="#ac-3.3_smt.b.4"/>
               <p><insert type="param" id-ref="ac-03.03_odp.01"/> and <insert type="param" id-ref="ac-03.03_odp.02"/> specifying that a subject that has been granted access to information is constrained from choosing the security attributes and attribute values (specified by the policy) to be associated with newly created or modified objects are enforced;</p>
+              <link rel="depends-on" href="#ac-3.3_smt.b.4"/>
             </part>
             <part id="ac-3.3_obj.b.5" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(03)(b)(05)"/>
-              <link rel="depends-on" href="#ac-3.3_smt.b.5"/>
               <p><insert type="param" id-ref="ac-03.03_odp.01"/> and <insert type="param" id-ref="ac-03.03_odp.02"/> specifying that a subject that has been granted access to information is constrained from changing the rules governing access control are enforced;</p>
+              <link rel="depends-on" href="#ac-3.3_smt.b.5"/>
             </part>
+            <link rel="depends-on" href="#ac-3.3_smt.b"/>
           </part>
           <part id="ac-3.3_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(03)(c)"/>
-            <link rel="depends-on" href="#ac-3.3_smt.c"/>
             <p><insert type="param" id-ref="ac-03.03_odp.01"/> and <insert type="param" id-ref="ac-03.03_odp.02"/> specifying that <insert type="param" id-ref="ac-03.03_odp.03"/> may explicitly be granted <insert type="param" id-ref="ac-03.03_odp.04"/> such that they are not limited by any defined subset (or all) of the above constraints are enforced.</p>
+            <link rel="depends-on" href="#ac-3.3_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ac-3.3_smt"/>
         </part>
         <part id="ac-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -1989,42 +1989,42 @@
         </part>
         <part id="ac-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(04)"/>
-          <link rel="depends-on" href="#ac-3.4_smt"/>
           <part id="ac-3.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(04)[01]"/>
-            <link rel="depends-on" href="#ac-3.4_smt"/>
             <p><insert type="param" id-ref="ac-03.04_odp.01"/> is enforced over the set of covered subjects specified in the policy;</p>
+            <link rel="depends-on" href="#ac-3.4_smt"/>
           </part>
           <part id="ac-3.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(04)[02]"/>
-            <link rel="depends-on" href="#ac-3.4_smt"/>
             <p><insert type="param" id-ref="ac-03.04_odp.02"/> is enforced over the set of covered objects specified in the policy;</p>
+            <link rel="depends-on" href="#ac-3.4_smt"/>
           </part>
           <part id="ac-3.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(04)(a)"/>
-            <link rel="depends-on" href="#ac-3.4_smt.a"/>
             <p><insert type="param" id-ref="ac-03.04_odp.01"/> and <insert type="param" id-ref="ac-03.04_odp.02"/> are enforced where the policy specifies that a subject that has been granted access to information can pass the information to any other subjects or objects;</p>
+            <link rel="depends-on" href="#ac-3.4_smt.a"/>
           </part>
           <part id="ac-3.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(04)(b)"/>
-            <link rel="depends-on" href="#ac-3.4_smt.b"/>
             <p><insert type="param" id-ref="ac-03.04_odp.01"/> and <insert type="param" id-ref="ac-03.04_odp.02"/> are enforced where the policy specifies that a subject that has been granted access to information can grant its privileges to other subjects;</p>
+            <link rel="depends-on" href="#ac-3.4_smt.b"/>
           </part>
           <part id="ac-3.4_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(04)(c)"/>
-            <link rel="depends-on" href="#ac-3.4_smt.c"/>
             <p><insert type="param" id-ref="ac-03.04_odp.01"/> and <insert type="param" id-ref="ac-03.04_odp.02"/> are enforced where the policy specifies that a subject that has been granted access to information can change security attributes on subjects, objects, the system, or the system’s components;</p>
+            <link rel="depends-on" href="#ac-3.4_smt.c"/>
           </part>
           <part id="ac-3.4_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(04)(d)"/>
-            <link rel="depends-on" href="#ac-3.4_smt.d"/>
             <p><insert type="param" id-ref="ac-03.04_odp.01"/> and <insert type="param" id-ref="ac-03.04_odp.02"/> are enforced where the policy specifies that a subject that has been granted access to information can choose the security attributes to be associated with newly created or revised objects;</p>
+            <link rel="depends-on" href="#ac-3.4_smt.d"/>
           </part>
           <part id="ac-3.4_obj.e" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(04)(e)"/>
-            <link rel="depends-on" href="#ac-3.4_smt.e"/>
             <p><insert type="param" id-ref="ac-03.04_odp.01"/> and <insert type="param" id-ref="ac-03.04_odp.02"/> are enforced where the policy specifies that a subject that has been granted access to information can change the rules governing access control.</p>
+            <link rel="depends-on" href="#ac-3.4_smt.e"/>
           </part>
+          <link rel="depends-on" href="#ac-3.4_smt"/>
         </part>
         <part id="ac-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2084,8 +2084,8 @@
         </part>
         <part id="ac-3.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(05)"/>
-          <link rel="depends-on" href="#ac-3.5_smt"/>
           <p>access to <insert type="param" id-ref="ac-03.05_odp"/> is prevented except during secure, non-operable system states.</p>
+          <link rel="depends-on" href="#ac-3.5_smt"/>
         </part>
         <part id="ac-3.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2162,22 +2162,22 @@
         </part>
         <part id="ac-3.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(07)"/>
-          <link rel="depends-on" href="#ac-3.7_smt"/>
           <part id="ac-3.7_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(07)[01]"/>
-            <link rel="depends-on" href="#ac-3.7_smt"/>
             <p>a role-based access control policy is enforced over defined subjects;</p>
+            <link rel="depends-on" href="#ac-3.7_smt"/>
           </part>
           <part id="ac-3.7_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(07)[02]"/>
-            <link rel="depends-on" href="#ac-3.7_smt"/>
             <p>a role-based access control policy is enforced over defined objects;</p>
+            <link rel="depends-on" href="#ac-3.7_smt"/>
           </part>
           <part id="ac-3.7_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(07)[03]"/>
-            <link rel="depends-on" href="#ac-3.7_smt"/>
             <p>access is controlled based on <insert type="param" id-ref="ac-03.07_odp.01"/> and <insert type="param" id-ref="ac-03.07_odp.02"/>.</p>
+            <link rel="depends-on" href="#ac-3.7_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-3.7_smt"/>
         </part>
         <part id="ac-3.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2238,17 +2238,17 @@
         </part>
         <part id="ac-3.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(08)"/>
-          <link rel="depends-on" href="#ac-3.8_smt"/>
           <part id="ac-3.8_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(08)[01]"/>
-            <link rel="depends-on" href="#ac-3.8_smt"/>
             <p>revocation of access authorizations is enforced, resulting from changes to the security attributes of subjects based on <insert type="param" id-ref="ac-03.08_odp"/>;</p>
+            <link rel="depends-on" href="#ac-3.8_smt"/>
           </part>
           <part id="ac-3.8_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(08)[02]"/>
-            <link rel="depends-on" href="#ac-3.8_smt"/>
             <p>revocation of access authorizations is enforced resulting from changes to the security attributes of objects based on <insert type="param" id-ref="ac-03.08_odp"/>.</p>
+            <link rel="depends-on" href="#ac-3.8_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-3.8_smt"/>
         </part>
         <part id="ac-3.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2335,17 +2335,17 @@
         </part>
         <part id="ac-3.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(09)"/>
-          <link rel="depends-on" href="#ac-3.9_smt"/>
           <part id="ac-3.9_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(09)(a)"/>
-            <link rel="depends-on" href="#ac-3.9_smt.a"/>
             <p>information is released outside of the system only if the receiving <insert type="param" id-ref="ac-03.09_odp.01"/> provides <insert type="param" id-ref="ac-03.09_odp.02"/>;</p>
+            <link rel="depends-on" href="#ac-3.9_smt.a"/>
           </part>
           <part id="ac-3.9_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(09)(b)"/>
-            <link rel="depends-on" href="#ac-3.9_smt.b"/>
             <p>information is released outside of the system only if <insert type="param" id-ref="ac-03.09_odp.03"/> are used to validate the appropriateness of the information designated for release.</p>
+            <link rel="depends-on" href="#ac-3.9_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-3.9_smt"/>
         </part>
         <part id="ac-3.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2423,8 +2423,8 @@
         </part>
         <part id="ac-3.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(10)"/>
-          <link rel="depends-on" href="#ac-3.10_smt"/>
           <p>an audited override of automated access control mechanisms is employed under <insert type="param" id-ref="ac-03.10_odp.01"/> by <insert type="param" id-ref="ac-03.10_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-3.10_smt"/>
         </part>
         <part id="ac-3.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2484,8 +2484,8 @@
         </part>
         <part id="ac-3.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(11)"/>
-          <link rel="depends-on" href="#ac-3.11_smt"/>
           <p>access to data repositories containing <insert type="param" id-ref="ac-03.11_odp"/> is restricted.</p>
+          <link rel="depends-on" href="#ac-3.11_smt"/>
         </part>
         <part id="ac-3.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2553,22 +2553,22 @@
         </part>
         <part id="ac-3.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(12)"/>
-          <link rel="depends-on" href="#ac-3.12_smt"/>
           <part id="ac-3.12_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(12)(a)"/>
-            <link rel="depends-on" href="#ac-3.12_smt.a"/>
             <p>as part of the installation process, applications are required to assert the access needed to the following system applications and functions: <insert type="param" id-ref="ac-03.12_odp"/>;</p>
+            <link rel="depends-on" href="#ac-3.12_smt.a"/>
           </part>
           <part id="ac-3.12_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(12)(b)"/>
-            <link rel="depends-on" href="#ac-3.12_smt.b"/>
             <p>an enforcement mechanism to prevent unauthorized access is provided; </p>
+            <link rel="depends-on" href="#ac-3.12_smt.b"/>
           </part>
           <part id="ac-3.12_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(12)(c)"/>
-            <link rel="depends-on" href="#ac-3.12_smt.c"/>
             <p>access changes after initial installation of the application are approved.</p>
+            <link rel="depends-on" href="#ac-3.12_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ac-3.12_smt"/>
         </part>
         <part id="ac-3.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2624,22 +2624,22 @@
         </part>
         <part id="ac-3.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(13)"/>
-          <link rel="depends-on" href="#ac-3.13_smt"/>
           <part id="ac-3.13_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(13)[01]"/>
-            <link rel="depends-on" href="#ac-3.13_smt"/>
             <p>the attribute-based access control policy is enforced over defined subjects;</p>
+            <link rel="depends-on" href="#ac-3.13_smt"/>
           </part>
           <part id="ac-3.13_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(13)[02]"/>
-            <link rel="depends-on" href="#ac-3.13_smt"/>
             <p>the attribute-based access control policy is enforced over defined objects;</p>
+            <link rel="depends-on" href="#ac-3.13_smt"/>
           </part>
           <part id="ac-3.13_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(13)[03]"/>
-            <link rel="depends-on" href="#ac-3.13_smt"/>
             <p>access is controlled based on <insert type="param" id-ref="ac-03.13_odp"/>.</p>
+            <link rel="depends-on" href="#ac-3.13_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-3.13_smt"/>
         </part>
         <part id="ac-3.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2708,8 +2708,8 @@
         </part>
         <part id="ac-3.14_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(14)"/>
-          <link rel="depends-on" href="#ac-3.14_smt"/>
           <p><insert type="param" id-ref="ac-03.14_odp.01"/> are provided to enable individuals to have access to <insert type="param" id-ref="ac-03.14_odp.02"/> of their personally identifiable information.</p>
+          <link rel="depends-on" href="#ac-3.14_smt"/>
         </part>
         <part id="ac-3.14_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2811,35 +2811,35 @@
         </part>
         <part id="ac-3.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-03(15)"/>
-          <link rel="depends-on" href="#ac-3.15_smt"/>
           <part id="ac-3.15_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(15)(a)"/>
-            <link rel="depends-on" href="#ac-3.15_smt.a"/>
             <part id="ac-3.15_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(15)(a)[01]"/>
-              <link rel="depends-on" href="#ac-3.15_smt.a"/>
               <p><insert type="param" id-ref="ac-03.15_odp.01"/> is enforced over the set of covered subjects specified in the policy;</p>
+              <link rel="depends-on" href="#ac-3.15_smt.a"/>
             </part>
             <part id="ac-3.15_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(15)(a)[02]"/>
-              <link rel="depends-on" href="#ac-3.15_smt.a"/>
               <p><insert type="param" id-ref="ac-03.15_odp.02"/> is enforced over the set of covered objects specified in the policy;</p>
+              <link rel="depends-on" href="#ac-3.15_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ac-3.15_smt.a"/>
           </part>
           <part id="ac-3.15_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-03(15)(b)"/>
-            <link rel="depends-on" href="#ac-3.15_smt.b"/>
             <part id="ac-3.15_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(15)(b)[01]"/>
-              <link rel="depends-on" href="#ac-3.15_smt.b"/>
               <p><insert type="param" id-ref="ac-03.15_odp.03"/> is enforced over the set of covered subjects specified in the policy;</p>
+              <link rel="depends-on" href="#ac-3.15_smt.b"/>
             </part>
             <part id="ac-3.15_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-03(15)(b)[02]"/>
-              <link rel="depends-on" href="#ac-3.15_smt.b"/>
               <p><insert type="param" id-ref="ac-03.15_odp.04"/> is enforced over the set of covered objects specified in the policy.</p>
+              <link rel="depends-on" href="#ac-3.15_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ac-3.15_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-3.15_smt"/>
         </part>
         <part id="ac-3.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -2919,8 +2919,8 @@
       </part>
       <part id="ac-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-04"/>
-        <link rel="depends-on" href="#ac-4_smt"/>
         <p>approved authorizations are enforced for controlling the flow of information within the system and between connected systems based on <insert type="param" id-ref="ac-04_odp"/>.</p>
+        <link rel="depends-on" href="#ac-4_smt"/>
       </part>
       <part id="ac-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3051,17 +3051,17 @@
         </part>
         <part id="ac-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(01)"/>
-          <link rel="depends-on" href="#ac-4.1_smt"/>
           <part id="ac-4.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(01)[01]"/>
-            <link rel="depends-on" href="#ac-4.1_smt"/>
             <p><insert type="param" id-ref="ac-04.01_odp.01"/> associated with <insert type="param" id-ref="ac-04.01_odp.03"/>, <insert type="param" id-ref="ac-04.01_odp.05"/> , and <insert type="param" id-ref="ac-04.01_odp.07"/> are used to enforce <insert type="param" id-ref="ac-04.01_odp.09"/> as a basis for flow control decisions;</p>
+            <link rel="depends-on" href="#ac-4.1_smt"/>
           </part>
           <part id="ac-4.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(01)[02]"/>
-            <link rel="depends-on" href="#ac-4.1_smt"/>
             <p><insert type="param" id-ref="ac-04.01_odp.02"/> associated with <insert type="param" id-ref="ac-04.01_odp.04"/>, <insert type="param" id-ref="ac-04.01_odp.06"/> , and <insert type="param" id-ref="ac-04.01_odp.08"/> are used to enforce <insert type="param" id-ref="ac-04.01_odp.09"/> as a basis for flow control decisions.</p>
+            <link rel="depends-on" href="#ac-4.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.1_smt"/>
         </part>
         <part id="ac-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3121,8 +3121,8 @@
         </part>
         <part id="ac-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(02)"/>
-          <link rel="depends-on" href="#ac-4.2_smt"/>
           <p>protected processing domains are used to enforce <insert type="param" id-ref="ac-04.02_odp"/> as a basis for flow control decisions.</p>
+          <link rel="depends-on" href="#ac-4.2_smt"/>
         </part>
         <part id="ac-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3179,8 +3179,8 @@
         </part>
         <part id="ac-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(03)"/>
-          <link rel="depends-on" href="#ac-4.3_smt"/>
           <p><insert type="param" id-ref="ac-04.03_odp"/> are enforced.</p>
+          <link rel="depends-on" href="#ac-4.3_smt"/>
         </part>
         <part id="ac-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3257,8 +3257,8 @@
         </part>
         <part id="ac-4.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(04)"/>
-          <link rel="depends-on" href="#ac-4.4_smt"/>
           <p>encrypted information is prevented from bypassing <insert type="param" id-ref="ac-04.04_odp.01"/> by <insert type="param" id-ref="ac-04.04_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-4.4_smt"/>
         </part>
         <part id="ac-4.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3314,8 +3314,8 @@
         </part>
         <part id="ac-4.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(05)"/>
-          <link rel="depends-on" href="#ac-4.5_smt"/>
           <p><insert type="param" id-ref="ac-04.05_odp"/> are enforced on embedding data types within other data types.</p>
+          <link rel="depends-on" href="#ac-4.5_smt"/>
         </part>
         <part id="ac-4.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3373,8 +3373,8 @@
         </part>
         <part id="ac-4.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(06)"/>
-          <link rel="depends-on" href="#ac-4.6_smt"/>
           <p>information flow control enforcement is based on <insert type="param" id-ref="ac-04.06_odp"/>.</p>
+          <link rel="depends-on" href="#ac-4.6_smt"/>
         </part>
         <part id="ac-4.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3423,8 +3423,8 @@
         </part>
         <part id="ac-4.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(07)"/>
-          <link rel="depends-on" href="#ac-4.7_smt"/>
           <p>one-way information flows are enforced through hardware-based flow control mechanisms.</p>
+          <link rel="depends-on" href="#ac-4.7_smt"/>
         </part>
         <part id="ac-4.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3547,27 +3547,27 @@
         </part>
         <part id="ac-4.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(08)"/>
-          <link rel="depends-on" href="#ac-4.8_smt"/>
           <part id="ac-4.8_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(08)(a)"/>
-            <link rel="depends-on" href="#ac-4.8_smt.a"/>
             <part id="ac-4.8_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-04(08)(a)[01]"/>
-              <link rel="depends-on" href="#ac-4.8_smt.a"/>
               <p>information flow control is enforced using <insert type="param" id-ref="ac-04.08_odp.01"/> as a basis for flow control decisions for <insert type="param" id-ref="ac-04.08_odp.03"/>;</p>
+              <link rel="depends-on" href="#ac-4.8_smt.a"/>
             </part>
             <part id="ac-4.8_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-04(08)(a)[02]"/>
-              <link rel="depends-on" href="#ac-4.8_smt.a"/>
               <p>information flow control is enforced using <insert type="param" id-ref="ac-04.08_odp.02"/> as a basis for flow control decisions for <insert type="param" id-ref="ac-04.08_odp.04"/>;</p>
+              <link rel="depends-on" href="#ac-4.8_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ac-4.8_smt.a"/>
           </part>
           <part id="ac-4.8_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(08)(b)"/>
-            <link rel="depends-on" href="#ac-4.8_smt.b"/>
             <p><insert type="param" id-ref="ac-04.08_odp.05"/> data after a filter processing failure in accordance with <insert type="param" id-ref="ac-04.08_odp.06"/>;</p>
             <p><insert type="param" id-ref="ac-04.08_odp.05"/> data after a filter processing failure in accordance with <insert type="param" id-ref="ac-04.08_odp.07"/>.</p>
+            <link rel="depends-on" href="#ac-4.8_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-4.8_smt"/>
         </part>
         <part id="ac-4.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3636,8 +3636,8 @@
         </part>
         <part id="ac-4.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(09)"/>
-          <link rel="depends-on" href="#ac-4.9_smt"/>
           <p>human reviews are used for <insert type="param" id-ref="ac-04.09_odp.01"/> under <insert type="param" id-ref="ac-04.09_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-4.9_smt"/>
         </part>
         <part id="ac-4.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3728,17 +3728,17 @@
         </part>
         <part id="ac-4.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(10)"/>
-          <link rel="depends-on" href="#ac-4.10_smt"/>
           <part id="ac-4.10_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(10)[01]"/>
-            <link rel="depends-on" href="#ac-4.10_smt"/>
             <p>capability is provided for privileged administrators to enable and disable <insert type="param" id-ref="ac-04.10_odp.01"/> under <insert type="param" id-ref="ac-04.10_odp.03"/>;</p>
+            <link rel="depends-on" href="#ac-4.10_smt"/>
           </part>
           <part id="ac-4.10_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(10)[02]"/>
-            <link rel="depends-on" href="#ac-4.10_smt"/>
             <p>capability is provided for privileged administrators to enable and disable <insert type="param" id-ref="ac-04.10_odp.02"/> under <insert type="param" id-ref="ac-04.10_odp.04"/>.</p>
+            <link rel="depends-on" href="#ac-4.10_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.10_smt"/>
         </part>
         <part id="ac-4.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3811,17 +3811,17 @@
         </part>
         <part id="ac-4.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(11)"/>
-          <link rel="depends-on" href="#ac-4.11_smt"/>
           <part id="ac-4.11_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(11)[01]"/>
-            <link rel="depends-on" href="#ac-4.11_smt"/>
             <p>capability is provided for privileged administrators to configure <insert type="param" id-ref="ac-04.11_odp.01"/> to support different security or privacy policies;</p>
+            <link rel="depends-on" href="#ac-4.11_smt"/>
           </part>
           <part id="ac-4.11_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(11)[02]"/>
-            <link rel="depends-on" href="#ac-4.11_smt"/>
             <p>capability is provided for privileged administrators to configure <insert type="param" id-ref="ac-04.11_odp.02"/> to support different security or privacy policies.</p>
+            <link rel="depends-on" href="#ac-4.11_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.11_smt"/>
         </part>
         <part id="ac-4.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3882,8 +3882,8 @@
         </part>
         <part id="ac-4.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(12)"/>
-          <link rel="depends-on" href="#ac-4.12_smt"/>
           <p>when transferring information between different security domains, <insert type="param" id-ref="ac-04.12_odp"/> are used to validate data essential for information flow decisions.</p>
+          <link rel="depends-on" href="#ac-4.12_smt"/>
         </part>
         <part id="ac-4.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -3940,8 +3940,8 @@
         </part>
         <part id="ac-4.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(13)"/>
-          <link rel="depends-on" href="#ac-4.13_smt"/>
           <p>when transferring information between different security domains, information is decomposed into <insert type="param" id-ref="ac-04.13_odp"/> for submission to policy enforcement mechanisms.</p>
+          <link rel="depends-on" href="#ac-4.13_smt"/>
         </part>
         <part id="ac-4.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4008,17 +4008,17 @@
         </part>
         <part id="ac-4.14_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(14)"/>
-          <link rel="depends-on" href="#ac-4.14_smt"/>
           <part id="ac-4.14_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(14)[01]"/>
-            <link rel="depends-on" href="#ac-4.14_smt"/>
             <p>when transferring information between different security domains, implemented <insert type="param" id-ref="ac-04.14_odp.01"/> require fully enumerated formats that restrict data structure and content;</p>
+            <link rel="depends-on" href="#ac-4.14_smt"/>
           </part>
           <part id="ac-4.14_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(14)[02]"/>
-            <link rel="depends-on" href="#ac-4.14_smt"/>
             <p>when transferring information between different security domains, implemented <insert type="param" id-ref="ac-04.14_odp.02"/> require fully enumerated formats that restrict data structure and content.</p>
+            <link rel="depends-on" href="#ac-4.14_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.14_smt"/>
         </part>
         <part id="ac-4.14_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4099,22 +4099,22 @@
         </part>
         <part id="ac-4.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(15)"/>
-          <link rel="depends-on" href="#ac-4.15_smt"/>
           <part id="ac-4.15_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(15)[01]"/>
-            <link rel="depends-on" href="#ac-4.15_smt"/>
             <p>when transferring information between different security domains, information is examined for the presence of <insert type="param" id-ref="ac-04.15_odp.01"/>;</p>
+            <link rel="depends-on" href="#ac-4.15_smt"/>
           </part>
           <part id="ac-4.15_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(15)[02]"/>
-            <link rel="depends-on" href="#ac-4.15_smt"/>
             <p>when transferring information between different security domains, transfer of <insert type="param" id-ref="ac-04.15_odp.01"/> is prohibited in accordance with the <insert type="param" id-ref="ac-04.15_odp.02"/>;</p>
+            <link rel="depends-on" href="#ac-4.15_smt"/>
           </part>
           <part id="ac-4.15_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(15)[03]"/>
-            <link rel="depends-on" href="#ac-4.15_smt"/>
             <p>when transferring information between different security domains, transfer of <insert type="param" id-ref="ac-04.15_odp.01"/> is prohibited in accordance with the <insert type="param" id-ref="ac-04.15_odp.03"/>.</p>
+            <link rel="depends-on" href="#ac-4.15_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.15_smt"/>
         </part>
         <part id="ac-4.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4182,8 +4182,8 @@
         </part>
         <part id="ac-4.17_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(17)"/>
-          <link rel="depends-on" href="#ac-4.17_smt"/>
           <p>source and destination points are uniquely identified and authenticated by <insert type="param" id-ref="ac-04.17_odp"/> for information transfer.</p>
+          <link rel="depends-on" href="#ac-4.17_smt"/>
         </part>
         <part id="ac-4.17_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4261,17 +4261,17 @@
         </part>
         <part id="ac-4.19_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(19)"/>
-          <link rel="depends-on" href="#ac-4.19_smt"/>
           <part id="ac-4.19_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(19)[01]"/>
-            <link rel="depends-on" href="#ac-4.19_smt"/>
             <p>when transferring information between different security domains, <insert type="param" id-ref="ac-04.19_odp.01"/> are implemented on metadata;</p>
+            <link rel="depends-on" href="#ac-4.19_smt"/>
           </part>
           <part id="ac-4.19_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(19)[02]"/>
-            <link rel="depends-on" href="#ac-4.19_smt"/>
             <p>when transferring information between different security domains, <insert type="param" id-ref="ac-04.19_odp.02"/> are implemented on metadata.</p>
+            <link rel="depends-on" href="#ac-4.19_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.19_smt"/>
         </part>
         <part id="ac-4.19_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4340,8 +4340,8 @@
         </part>
         <part id="ac-4.20_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(20)"/>
-          <link rel="depends-on" href="#ac-4.20_smt"/>
           <p><insert type="param" id-ref="ac-04.20_odp.01"/> are employed to control the flow of <insert type="param" id-ref="ac-04.20_odp.02"/> across security domains.</p>
+          <link rel="depends-on" href="#ac-4.20_smt"/>
         </part>
         <part id="ac-4.20_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4421,17 +4421,17 @@
         </part>
         <part id="ac-4.21_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(21)"/>
-          <link rel="depends-on" href="#ac-4.21_smt"/>
           <part id="ac-4.21_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(21)[01]"/>
-            <link rel="depends-on" href="#ac-4.21_smt"/>
             <p>information flows are separated logically using <insert type="param" id-ref="ac-04.21_odp.01"/> to accomplish <insert type="param" id-ref="ac-04.21_odp.03"/>;</p>
+            <link rel="depends-on" href="#ac-4.21_smt"/>
           </part>
           <part id="ac-4.21_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(21)[02]"/>
-            <link rel="depends-on" href="#ac-4.21_smt"/>
             <p>information flows are separated physically using <insert type="param" id-ref="ac-04.21_odp.02"/> to accomplish <insert type="param" id-ref="ac-04.21_odp.03"/>.</p>
+            <link rel="depends-on" href="#ac-4.21_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.21_smt"/>
         </part>
         <part id="ac-4.21_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4482,8 +4482,8 @@
         </part>
         <part id="ac-4.22_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(22)"/>
-          <link rel="depends-on" href="#ac-4.22_smt"/>
           <p>access is provided from a single device to computing platforms, applications, or data that reside in multiple different security domains while preventing information flow between the different security domains.</p>
+          <link rel="depends-on" href="#ac-4.22_smt"/>
         </part>
         <part id="ac-4.22_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4539,8 +4539,8 @@
         </part>
         <part id="ac-4.23_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(23)"/>
-          <link rel="depends-on" href="#ac-4.23_smt"/>
           <p>when transferring information between security domains, non-releasable information is modified by implementing <insert type="param" id-ref="ac-04.23_odp"/>.</p>
+          <link rel="depends-on" href="#ac-4.23_smt"/>
         </part>
         <part id="ac-4.23_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4587,17 +4587,17 @@
         </part>
         <part id="ac-4.24_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(24)"/>
-          <link rel="depends-on" href="#ac-4.24_smt"/>
           <part id="ac-4.24_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(24)[01]"/>
-            <link rel="depends-on" href="#ac-4.24_smt"/>
             <p>when transferring information between different security domains, incoming data is parsed into an internal, normalized format;</p>
+            <link rel="depends-on" href="#ac-4.24_smt"/>
           </part>
           <part id="ac-4.24_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(24)[02]"/>
-            <link rel="depends-on" href="#ac-4.24_smt"/>
             <p>when transferring information between different security domains, the data is regenerated to be consistent with its intended specification.</p>
+            <link rel="depends-on" href="#ac-4.24_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.24_smt"/>
         </part>
         <part id="ac-4.24_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4661,8 +4661,8 @@
         </part>
         <part id="ac-4.25_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(25)"/>
-          <link rel="depends-on" href="#ac-4.25_smt"/>
           <p>when transferring information between different security domains, data is sanitized to minimize <insert type="param" id-ref="ac-04.25_odp.01"/> in accordance with <insert type="param" id-ref="ac-04.25_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-4.25_smt"/>
         </part>
         <part id="ac-4.25_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4713,17 +4713,17 @@
         </part>
         <part id="ac-4.26_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(26)"/>
-          <link rel="depends-on" href="#ac-4.26_smt"/>
           <part id="ac-4.26_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(26)[01]"/>
-            <link rel="depends-on" href="#ac-4.26_smt"/>
             <p>when transferring information between different security domains, content-filtering actions are recorded and audited;</p>
+            <link rel="depends-on" href="#ac-4.26_smt"/>
           </part>
           <part id="ac-4.26_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(26)[02]"/>
-            <link rel="depends-on" href="#ac-4.26_smt"/>
             <p>when transferring information between different security domains, results for the information being filtered are recorded and audited.</p>
+            <link rel="depends-on" href="#ac-4.26_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-4.26_smt"/>
         </part>
         <part id="ac-4.26_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4772,8 +4772,8 @@
         </part>
         <part id="ac-4.27_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(27)"/>
-          <link rel="depends-on" href="#ac-4.27_smt"/>
           <p>when transferring information between security domains, implemented content filtering solutions provide redundant and independent filtering mechanisms for each data type.</p>
+          <link rel="depends-on" href="#ac-4.27_smt"/>
         </part>
         <part id="ac-4.27_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4820,8 +4820,8 @@
         </part>
         <part id="ac-4.28_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(28)"/>
-          <link rel="depends-on" href="#ac-4.28_smt"/>
           <p>when transferring information between security domains, a linear content filter pipeline is implemented that is enforced with discretionary and mandatory access controls.</p>
+          <link rel="depends-on" href="#ac-4.28_smt"/>
         </part>
         <part id="ac-4.28_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4886,26 +4886,26 @@
         </part>
         <part id="ac-4.29_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(29)"/>
-          <link rel="depends-on" href="#ac-4.29_smt"/>
           <part id="ac-4.29_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(29)(a)"/>
-            <link rel="depends-on" href="#ac-4.29_smt.a"/>
             <p>when transferring information between security domains, content filter orchestration engines are employed to ensure that content-filtering mechanisms successfully complete execution without errors;</p>
+            <link rel="depends-on" href="#ac-4.29_smt.a"/>
           </part>
           <part id="ac-4.29_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(29)(b)"/>
-            <link rel="depends-on" href="#ac-4.29_smt.b"/>
             <part id="ac-4.29_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-04(29)(b)[01]"/>
-              <link rel="depends-on" href="#ac-4.29_smt.b"/>
               <p>when transferring information between security domains, content filter orchestration engines are employed to ensure that content-filtering actions occur in the correct order;</p>
+              <link rel="depends-on" href="#ac-4.29_smt.b"/>
             </part>
             <part id="ac-4.29_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-04(29)(b)[02]"/>
-              <link rel="depends-on" href="#ac-4.29_smt.b"/>
               <p>when transferring information between security domains, content filter orchestration engines are employed to ensure that content-filtering actions comply with <insert type="param" id-ref="ac-04.29_odp"/>.</p>
+              <link rel="depends-on" href="#ac-4.29_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ac-4.29_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-4.29_smt"/>
         </part>
         <part id="ac-4.29_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -4953,8 +4953,8 @@
         </part>
         <part id="ac-4.30_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(30)"/>
-          <link rel="depends-on" href="#ac-4.30_smt"/>
           <p>when transferring information between security domains, content-filtering mechanisms using multiple processes are implemented.</p>
+          <link rel="depends-on" href="#ac-4.30_smt"/>
         </part>
         <part id="ac-4.30_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5002,8 +5002,8 @@
         </part>
         <part id="ac-4.31_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(31)"/>
-          <link rel="depends-on" href="#ac-4.31_smt"/>
           <p>when transferring information between different security domains, the transfer of failed content to the receiving domain is prevented.</p>
+          <link rel="depends-on" href="#ac-4.31_smt"/>
         </part>
         <part id="ac-4.31_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5066,27 +5066,27 @@
         </part>
         <part id="ac-4.32_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-04(32)"/>
-          <link rel="depends-on" href="#ac-4.32_smt"/>
           <part id="ac-4.32_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(32)(a)"/>
-            <link rel="depends-on" href="#ac-4.32_smt.a"/>
             <p>when transferring information between different security domains, the process that transfers information between filter pipelines does not filter message content;</p>
+            <link rel="depends-on" href="#ac-4.32_smt.a"/>
           </part>
           <part id="ac-4.32_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(32)(b)"/>
-            <link rel="depends-on" href="#ac-4.32_smt.b"/>
             <p>when transferring information between different security domains, the process that transfers information between filter pipelines validates filtering metadata;</p>
+            <link rel="depends-on" href="#ac-4.32_smt.b"/>
           </part>
           <part id="ac-4.32_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(32)(c)"/>
-            <link rel="depends-on" href="#ac-4.32_smt.c"/>
             <p>when transferring information between different security domains, the process that transfers information between filter pipelines ensures that the content with the filtering metadata has successfully completed filtering;</p>
+            <link rel="depends-on" href="#ac-4.32_smt.c"/>
           </part>
           <part id="ac-4.32_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-04(32)(d)"/>
-            <link rel="depends-on" href="#ac-4.32_smt.d"/>
             <p>when transferring information between different security domains, the process that transfers information between filter pipelines transfers the content to the destination filter pipeline.</p>
+            <link rel="depends-on" href="#ac-4.32_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ac-4.32_smt"/>
         </part>
         <part id="ac-4.32_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5166,17 +5166,17 @@
       </part>
       <part id="ac-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-05"/>
-        <link rel="depends-on" href="#ac-5_smt"/>
         <part id="ac-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-05a."/>
-          <link rel="depends-on" href="#ac-5_smt.a"/>
           <p><insert type="param" id-ref="ac-05_odp"/> are identified and documented;</p>
+          <link rel="depends-on" href="#ac-5_smt.a"/>
         </part>
         <part id="ac-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-05b."/>
-          <link rel="depends-on" href="#ac-5_smt.b"/>
           <p>system access authorizations to support separation of duties are defined.</p>
+          <link rel="depends-on" href="#ac-5_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-5_smt"/>
       </part>
       <part id="ac-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5235,8 +5235,8 @@
       </part>
       <part id="ac-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-06"/>
-        <link rel="depends-on" href="#ac-6_smt"/>
         <p>the principle of least privilege is employed, allowing only authorized accesses for users (or processes acting on behalf of users) that are necessary to accomplish assigned organizational tasks.</p>
+        <link rel="depends-on" href="#ac-6_smt"/>
       </part>
       <part id="ac-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5339,31 +5339,31 @@
         </part>
         <part id="ac-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(01)"/>
-          <link rel="depends-on" href="#ac-6.1_smt"/>
           <part id="ac-6.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-06(01)(a)"/>
-            <link rel="depends-on" href="#ac-6.1_smt.a"/>
             <part id="ac-6.1_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-06(01)(a)[01]"/>
-              <link rel="depends-on" href="#ac-6.1_smt.a"/>
               <p>access is authorized for <insert type="param" id-ref="ac-06.01_odp.01"/> to <insert type="param" id-ref="ac-06.01_odp.02"/>;</p>
+              <link rel="depends-on" href="#ac-6.1_smt.a"/>
             </part>
             <part id="ac-6.1_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-06(01)(a)[02]"/>
-              <link rel="depends-on" href="#ac-6.1_smt.a"/>
               <p>access is authorized for <insert type="param" id-ref="ac-06.01_odp.01"/> to <insert type="param" id-ref="ac-06.01_odp.03"/>;</p>
+              <link rel="depends-on" href="#ac-6.1_smt.a"/>
             </part>
             <part id="ac-6.1_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-06(01)(a)[03]"/>
-              <link rel="depends-on" href="#ac-6.1_smt.a"/>
               <p>access is authorized for <insert type="param" id-ref="ac-06.01_odp.01"/> to <insert type="param" id-ref="ac-06.01_odp.04"/>;</p>
+              <link rel="depends-on" href="#ac-6.1_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ac-6.1_smt.a"/>
           </part>
           <part id="ac-6.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-06(01)(b)"/>
-            <link rel="depends-on" href="#ac-6.1_smt.b"/>
             <p>access is authorized for <insert type="param" id-ref="ac-06.01_odp.01"/> to <insert type="param" id-ref="ac-06.01_odp.05"/>.</p>
+            <link rel="depends-on" href="#ac-6.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-6.1_smt"/>
         </part>
         <part id="ac-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5422,8 +5422,8 @@
         </part>
         <part id="ac-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(02)"/>
-          <link rel="depends-on" href="#ac-6.2_smt"/>
           <p>users of system accounts (or roles) with access to <insert type="param" id-ref="ac-06.02_odp"/> are required to use non-privileged accounts or roles when accessing non-security functions.</p>
+          <link rel="depends-on" href="#ac-6.2_smt"/>
         </part>
         <part id="ac-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5489,17 +5489,17 @@
         </part>
         <part id="ac-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(03)"/>
-          <link rel="depends-on" href="#ac-6.3_smt"/>
           <part id="ac-6.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-06(03)[01]"/>
-            <link rel="depends-on" href="#ac-6.3_smt"/>
             <p>network access to <insert type="param" id-ref="ac-06.03_odp.01"/> is authorized only for <insert type="param" id-ref="ac-06.03_odp.02"/>;</p>
+            <link rel="depends-on" href="#ac-6.3_smt"/>
           </part>
           <part id="ac-6.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-06(03)[02]"/>
-            <link rel="depends-on" href="#ac-6.3_smt"/>
             <p>the rationale for authorizing network access to privileged commands is documented in the security plan for the system.</p>
+            <link rel="depends-on" href="#ac-6.3_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-6.3_smt"/>
         </part>
         <part id="ac-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5552,8 +5552,8 @@
         </part>
         <part id="ac-6.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(04)"/>
-          <link rel="depends-on" href="#ac-6.4_smt"/>
           <p>separate processing domains are provided to enable finer-grain allocation of user privileges.</p>
+          <link rel="depends-on" href="#ac-6.4_smt"/>
         </part>
         <part id="ac-6.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5611,8 +5611,8 @@
         </part>
         <part id="ac-6.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(05)"/>
-          <link rel="depends-on" href="#ac-6.5_smt"/>
           <p>privileged accounts on the system are restricted to <insert type="param" id-ref="ac-06.05_odp"/>.</p>
+          <link rel="depends-on" href="#ac-6.5_smt"/>
         </part>
         <part id="ac-6.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5664,8 +5664,8 @@
         </part>
         <part id="ac-6.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(06)"/>
-          <link rel="depends-on" href="#ac-6.6_smt"/>
           <p>privileged access to the system by non-organizational users is prohibited.</p>
+          <link rel="depends-on" href="#ac-6.6_smt"/>
         </part>
         <part id="ac-6.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5738,17 +5738,17 @@
         </part>
         <part id="ac-6.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(07)"/>
-          <link rel="depends-on" href="#ac-6.7_smt"/>
           <part id="ac-6.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-06(07)(a)"/>
-            <link rel="depends-on" href="#ac-6.7_smt.a"/>
             <p>privileges assigned to <insert type="param" id-ref="ac-06.07_odp.02"/> are reviewed <insert type="param" id-ref="ac-06.07_odp.01"/> to validate the need for such privileges;</p>
+            <link rel="depends-on" href="#ac-6.7_smt.a"/>
           </part>
           <part id="ac-6.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-06(07)(b)"/>
-            <link rel="depends-on" href="#ac-6.7_smt.b"/>
             <p>privileges are reassigned or removed, if necessary, to correctly reflect organizational mission and business needs.</p>
+            <link rel="depends-on" href="#ac-6.7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-6.7_smt"/>
         </part>
         <part id="ac-6.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5806,8 +5806,8 @@
         </part>
         <part id="ac-6.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(08)"/>
-          <link rel="depends-on" href="#ac-6.8_smt"/>
           <p><insert type="param" id-ref="ac-06.08_odp"/> is prevented from executing at higher privilege levels than users executing the software.</p>
+          <link rel="depends-on" href="#ac-6.8_smt"/>
         </part>
         <part id="ac-6.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5859,8 +5859,8 @@
         </part>
         <part id="ac-6.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(09)"/>
-          <link rel="depends-on" href="#ac-6.9_smt"/>
           <p>the execution of privileged functions is logged.</p>
+          <link rel="depends-on" href="#ac-6.9_smt"/>
         </part>
         <part id="ac-6.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -5910,8 +5910,8 @@
         </part>
         <part id="ac-6.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-06(10)"/>
-          <link rel="depends-on" href="#ac-6.10_smt"/>
           <p>non-privileged users are prevented from executing privileged functions.</p>
+          <link rel="depends-on" href="#ac-6.10_smt"/>
         </part>
         <part id="ac-6.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6024,17 +6024,17 @@
       </part>
       <part id="ac-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-07"/>
-        <link rel="depends-on" href="#ac-7_smt"/>
         <part id="ac-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-07a."/>
-          <link rel="depends-on" href="#ac-7_smt.a"/>
           <p>a limit of <insert type="param" id-ref="ac-07_odp.01"/> consecutive invalid logon attempts by a user during <insert type="param" id-ref="ac-07_odp.02"/> is enforced;</p>
+          <link rel="depends-on" href="#ac-7_smt.a"/>
         </part>
         <part id="ac-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-07b."/>
-          <link rel="depends-on" href="#ac-7_smt.b"/>
           <p>automatically <insert type="param" id-ref="ac-07_odp.03"/> when the maximum number of unsuccessful attempts is exceeded.</p>
+          <link rel="depends-on" href="#ac-7_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-7_smt"/>
       </part>
       <part id="ac-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6116,8 +6116,8 @@
         </part>
         <part id="ac-7.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-07(02)"/>
-          <link rel="depends-on" href="#ac-7.2_smt"/>
           <p>information is purged or wiped from <insert type="param" id-ref="ac-07.02_odp.01"/> based on <insert type="param" id-ref="ac-07.02_odp.02"/> after <insert type="param" id-ref="ac-07.02_odp.03"/> consecutive, unsuccessful device logon attempts.</p>
+          <link rel="depends-on" href="#ac-7.2_smt"/>
         </part>
         <part id="ac-7.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6174,8 +6174,8 @@
         </part>
         <part id="ac-7.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-07(03)"/>
-          <link rel="depends-on" href="#ac-7.3_smt"/>
           <p>unsuccessful biometric logon attempts are limited to <insert type="param" id-ref="ac-07.03_odp"/>.</p>
+          <link rel="depends-on" href="#ac-7.3_smt"/>
         </part>
         <part id="ac-7.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6254,17 +6254,17 @@
         </part>
         <part id="ac-7.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-07(04)"/>
-          <link rel="depends-on" href="#ac-7.4_smt"/>
           <part id="ac-7.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-07(04)(a)"/>
-            <link rel="depends-on" href="#ac-7.4_smt.a"/>
             <p><insert type="param" id-ref="ac-07.04_odp.01"/> that are different from the primary authentication factors are allowed to be used after the number of organization-defined consecutive invalid logon attempts have been exceeded;</p>
+            <link rel="depends-on" href="#ac-7.4_smt.a"/>
           </part>
           <part id="ac-7.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-07(04)(b)"/>
-            <link rel="depends-on" href="#ac-7.4_smt.b"/>
             <p>a limit of <insert type="param" id-ref="ac-07.04_odp.02"/> consecutive invalid logon attempts through the use of the alternative factors by the user during a <insert type="param" id-ref="ac-07.04_odp.03"/> is enforced.</p>
+            <link rel="depends-on" href="#ac-7.4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-7.4_smt"/>
         </part>
         <part id="ac-7.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6370,56 +6370,56 @@
       </part>
       <part id="ac-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-08"/>
-        <link rel="depends-on" href="#ac-8_smt"/>
         <part id="ac-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-08a."/>
-          <link rel="depends-on" href="#ac-8_smt.a"/>
           <p><insert type="param" id-ref="ac-08_odp.01"/> is displayed to users before granting access to the system that provides privacy and security notices consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
           <part id="ac-8_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-08a.01"/>
-            <link rel="depends-on" href="#ac-8_smt.a.1"/>
             <p>the system use notification states that users are accessing a U.S. Government system;</p>
+            <link rel="depends-on" href="#ac-8_smt.a.1"/>
           </part>
           <part id="ac-8_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-08a.02"/>
-            <link rel="depends-on" href="#ac-8_smt.a.2"/>
             <p>the system use notification states that system usage may be monitored, recorded, and subject to audit;</p>
+            <link rel="depends-on" href="#ac-8_smt.a.2"/>
           </part>
           <part id="ac-8_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-08a.03"/>
-            <link rel="depends-on" href="#ac-8_smt.a.3"/>
             <p>the system use notification states that unauthorized use of the system is prohibited and subject to criminal and civil penalties; and</p>
+            <link rel="depends-on" href="#ac-8_smt.a.3"/>
           </part>
           <part id="ac-8_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-08a.04"/>
-            <link rel="depends-on" href="#ac-8_smt.a.4"/>
             <p>the system use notification states that use of the system indicates consent to monitoring and recording;</p>
+            <link rel="depends-on" href="#ac-8_smt.a.4"/>
           </part>
+          <link rel="depends-on" href="#ac-8_smt.a"/>
         </part>
         <part id="ac-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-08b."/>
-          <link rel="depends-on" href="#ac-8_smt.b"/>
           <p>the notification message or banner is retained on the screen until users acknowledge the usage conditions and take explicit actions to log on to or further access the system;</p>
+          <link rel="depends-on" href="#ac-8_smt.b"/>
         </part>
         <part id="ac-8_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-08c."/>
-          <link rel="depends-on" href="#ac-8_smt.c"/>
           <part id="ac-8_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-08c.01"/>
-            <link rel="depends-on" href="#ac-8_smt.c.1"/>
             <p>for publicly accessible systems, system use information <insert type="param" id-ref="ac-08_odp.02"/> is displayed before granting further access to the publicly accessible system;</p>
+            <link rel="depends-on" href="#ac-8_smt.c.1"/>
           </part>
           <part id="ac-8_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-08c.02"/>
-            <link rel="depends-on" href="#ac-8_smt.c.2"/>
             <p>for publicly accessible systems, any references to monitoring, recording, or auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities are displayed;</p>
+            <link rel="depends-on" href="#ac-8_smt.c.2"/>
           </part>
           <part id="ac-8_obj.c.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-08c.03"/>
-            <link rel="depends-on" href="#ac-8_smt.c.3"/>
             <p>for publicly accessible systems, a description of the authorized uses of the system is included.</p>
+            <link rel="depends-on" href="#ac-8_smt.c.3"/>
           </part>
+          <link rel="depends-on" href="#ac-8_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ac-8_smt"/>
       </part>
       <part id="ac-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6474,8 +6474,8 @@
       </part>
       <part id="ac-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-09"/>
-        <link rel="depends-on" href="#ac-9_smt"/>
         <p>the user is notified, upon successful logon to the system, of the date and time of the last logon.</p>
+        <link rel="depends-on" href="#ac-9_smt"/>
       </part>
       <part id="ac-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6521,8 +6521,8 @@
         </part>
         <part id="ac-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-09(01)"/>
-          <link rel="depends-on" href="#ac-9.1_smt"/>
           <p>the user is notified, upon successful logon, of the number of unsuccessful logon attempts since the last successful logon.</p>
+          <link rel="depends-on" href="#ac-9.1_smt"/>
         </part>
         <part id="ac-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6586,8 +6586,8 @@
         </part>
         <part id="ac-9.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-09(02)"/>
-          <link rel="depends-on" href="#ac-9.2_smt"/>
           <p>the user is notified, upon successful logon, of the number of <insert type="param" id-ref="ac-09.02_odp.01"/> during <insert type="param" id-ref="ac-09.02_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-9.2_smt"/>
         </part>
         <part id="ac-9.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6651,8 +6651,8 @@
         </part>
         <part id="ac-9.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-09(03)"/>
-          <link rel="depends-on" href="#ac-9.3_smt"/>
           <p>the user is notified, upon successful logon, of changes to <insert type="param" id-ref="ac-09.03_odp.01"/> during <insert type="param" id-ref="ac-09.03_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-9.3_smt"/>
         </part>
         <part id="ac-9.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6707,8 +6707,8 @@
         </part>
         <part id="ac-9.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-09(04)"/>
-          <link rel="depends-on" href="#ac-9.4_smt"/>
           <p>the user is notified, upon successful logon, of <insert type="param" id-ref="ac-09.04_odp"/>.</p>
+          <link rel="depends-on" href="#ac-9.4_smt"/>
         </part>
         <part id="ac-9.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6773,8 +6773,8 @@
       </part>
       <part id="ac-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-10"/>
-        <link rel="depends-on" href="#ac-10_smt"/>
         <p>the number of concurrent sessions for each <insert type="param" id-ref="ac-10_odp.01"/> is limited to <insert type="param" id-ref="ac-10_odp.02"/>.</p>
+        <link rel="depends-on" href="#ac-10_smt"/>
       </part>
       <part id="ac-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6847,17 +6847,17 @@
       </part>
       <part id="ac-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-11"/>
-        <link rel="depends-on" href="#ac-11_smt"/>
         <part id="ac-11_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-11a."/>
-          <link rel="depends-on" href="#ac-11_smt.a"/>
           <p>further access to the system is prevented by <insert type="param" id-ref="ac-11_odp.01"/>;</p>
+          <link rel="depends-on" href="#ac-11_smt.a"/>
         </part>
         <part id="ac-11_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-11b."/>
-          <link rel="depends-on" href="#ac-11_smt.b"/>
           <p>device lock is retained until the user re-establishes access using established identification and authentication procedures.</p>
+          <link rel="depends-on" href="#ac-11_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-11_smt"/>
       </part>
       <part id="ac-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6904,8 +6904,8 @@
         </part>
         <part id="ac-11.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-11(01)"/>
-          <link rel="depends-on" href="#ac-11.1_smt"/>
           <p>information previously visible on the display is concealed, via device lock, with a publicly viewable image.</p>
+          <link rel="depends-on" href="#ac-11.1_smt"/>
         </part>
         <part id="ac-11.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -6964,8 +6964,8 @@
       </part>
       <part id="ac-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-12"/>
-        <link rel="depends-on" href="#ac-12_smt"/>
         <p>a user session is automatically terminated after <insert type="param" id-ref="ac-12_odp"/>.</p>
+        <link rel="depends-on" href="#ac-12_smt"/>
       </part>
       <part id="ac-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7021,8 +7021,8 @@
         </part>
         <part id="ac-12.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-12(01)"/>
-          <link rel="depends-on" href="#ac-12.1_smt"/>
           <p>a logout capability is provided for user-initiated communications sessions whenever authentication is used to gain access to <insert type="param" id-ref="ac-12.01_odp"/>.</p>
+          <link rel="depends-on" href="#ac-12.1_smt"/>
         </part>
         <part id="ac-12.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7071,8 +7071,8 @@
         </part>
         <part id="ac-12.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-12(02)"/>
-          <link rel="depends-on" href="#ac-12.2_smt"/>
           <p>an explicit logout message is displayed to users indicating the termination of authenticated communication sessions.</p>
+          <link rel="depends-on" href="#ac-12.2_smt"/>
         </part>
         <part id="ac-12.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7130,8 +7130,8 @@
         </part>
         <part id="ac-12.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-12(03)"/>
-          <link rel="depends-on" href="#ac-12.3_smt"/>
           <p>an explicit message to users is displayed indicating that the session will end in <insert type="param" id-ref="ac-12.03_odp"/>.</p>
+          <link rel="depends-on" href="#ac-12.3_smt"/>
         </part>
         <part id="ac-12.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7207,26 +7207,26 @@
       </part>
       <part id="ac-14_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-14"/>
-        <link rel="depends-on" href="#ac-14_smt"/>
         <part id="ac-14_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-14a."/>
-          <link rel="depends-on" href="#ac-14_smt.a"/>
           <p><insert type="param" id-ref="ac-14_odp"/> that can be performed on the system without identification or authentication consistent with organizational mission and business functions are identified;</p>
+          <link rel="depends-on" href="#ac-14_smt.a"/>
         </part>
         <part id="ac-14_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-14b."/>
-          <link rel="depends-on" href="#ac-14_smt.b"/>
           <part id="ac-14_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-14b.[01]"/>
-            <link rel="depends-on" href="#ac-14_smt.b"/>
             <p>user actions not requiring identification or authentication are documented in the security plan for the system;</p>
+            <link rel="depends-on" href="#ac-14_smt.b"/>
           </part>
           <part id="ac-14_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-14b.[02]"/>
-            <link rel="depends-on" href="#ac-14_smt.b"/>
             <p>a rationale for user actions not requiring identification or authentication is provided in the security plan for the system.</p>
+            <link rel="depends-on" href="#ac-14_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-14_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-14_smt"/>
       </part>
       <part id="ac-14_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7436,73 +7436,73 @@
       </part>
       <part id="ac-16_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-16"/>
-        <link rel="depends-on" href="#ac-16_smt"/>
         <part id="ac-16_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16a."/>
-          <link rel="depends-on" href="#ac-16_smt.a"/>
           <part id="ac-16_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16a.[01]"/>
-            <link rel="depends-on" href="#ac-16_smt.a"/>
             <p>the means to associate <insert type="param" id-ref="ac-16_odp.01"/> with <insert type="param" id-ref="ac-16_odp.03"/> for information in storage, in process, and/or in transmission are provided;</p>
+            <link rel="depends-on" href="#ac-16_smt.a"/>
           </part>
           <part id="ac-16_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16a.[02]"/>
-            <link rel="depends-on" href="#ac-16_smt.a"/>
             <p>the means to associate <insert type="param" id-ref="ac-16_odp.02"/> with <insert type="param" id-ref="ac-16_odp.04"/> for information in storage, in process, and/or in transmission are provided;</p>
+            <link rel="depends-on" href="#ac-16_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ac-16_smt.a"/>
         </part>
         <part id="ac-16_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16b."/>
-          <link rel="depends-on" href="#ac-16_smt.b"/>
           <part id="ac-16_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16b.[01]"/>
-            <link rel="depends-on" href="#ac-16_smt.b"/>
             <p>attribute associations are made;</p>
+            <link rel="depends-on" href="#ac-16_smt.b"/>
           </part>
           <part id="ac-16_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16b.[02]"/>
-            <link rel="depends-on" href="#ac-16_smt.b"/>
             <p>attribute associations are retained with the information;</p>
+            <link rel="depends-on" href="#ac-16_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-16_smt.b"/>
         </part>
         <part id="ac-16_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16c."/>
-          <link rel="depends-on" href="#ac-16_smt.c"/>
           <part id="ac-16_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16c.[01]"/>
-            <link rel="depends-on" href="#ac-16_smt.c"/>
             <p>the following permitted security attributes are established from the attributes defined in AC-16_ODP[01] for <insert type="param" id-ref="ac-16_odp.05"/>: <insert type="param" id-ref="ac-16_odp.07"/>;</p>
+            <link rel="depends-on" href="#ac-16_smt.c"/>
           </part>
           <part id="ac-16_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16c.[02]"/>
-            <link rel="depends-on" href="#ac-16_smt.c"/>
             <p>the following permitted privacy attributes are established from the attributes defined in AC-16_ODP[02] for <insert type="param" id-ref="ac-16_odp.06"/>: <insert type="param" id-ref="ac-16_odp.08"/>;</p>
+            <link rel="depends-on" href="#ac-16_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ac-16_smt.c"/>
         </part>
         <part id="ac-16_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16d."/>
-          <link rel="depends-on" href="#ac-16_smt.d"/>
           <p>the following permitted attribute values or ranges for each of the established attributes are determined: <insert type="param" id-ref="ac-16_odp.09"/>;</p>
+          <link rel="depends-on" href="#ac-16_smt.d"/>
         </part>
         <part id="ac-16_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16e."/>
-          <link rel="depends-on" href="#ac-16_smt.e"/>
           <p>changes to attributes are audited;</p>
+          <link rel="depends-on" href="#ac-16_smt.e"/>
         </part>
         <part id="ac-16_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16f."/>
-          <link rel="depends-on" href="#ac-16_smt.f"/>
           <part id="ac-16_obj.f-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16f.[01]"/>
-            <link rel="depends-on" href="#ac-16_smt.f"/>
             <p><insert type="param" id-ref="ac-16_odp.07"/> are reviewed for applicability <insert type="param" id-ref="ac-16_odp.10"/>;</p>
+            <link rel="depends-on" href="#ac-16_smt.f"/>
           </part>
           <part id="ac-16_obj.f-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16f.[02]"/>
-            <link rel="depends-on" href="#ac-16_smt.f"/>
             <p><insert type="param" id-ref="ac-16_odp.08"/> are reviewed for applicability <insert type="param" id-ref="ac-16_odp.11"/>.</p>
+            <link rel="depends-on" href="#ac-16_smt.f"/>
           </part>
+          <link rel="depends-on" href="#ac-16_smt.f"/>
         </part>
+        <link rel="depends-on" href="#ac-16_smt"/>
       </part>
       <part id="ac-16_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7603,27 +7603,27 @@
         </part>
         <part id="ac-16.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(01)"/>
-          <link rel="depends-on" href="#ac-16.1_smt"/>
           <part id="ac-16.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(01)[01]"/>
-            <link rel="depends-on" href="#ac-16.1_smt"/>
             <p>security attributes are dynamically associated with <insert type="param" id-ref="ac-16.01_odp.01"/> in accordance with the following security policies as information is created and combined: <insert type="param" id-ref="ac-16.01_odp.05"/>;</p>
+            <link rel="depends-on" href="#ac-16.1_smt"/>
           </part>
           <part id="ac-16.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(01)[02]"/>
-            <link rel="depends-on" href="#ac-16.1_smt"/>
             <p>security attributes are dynamically associated with <insert type="param" id-ref="ac-16.01_odp.02"/> in accordance with the following security policies as information is created and combined: <insert type="param" id-ref="ac-16.01_odp.05"/>;</p>
+            <link rel="depends-on" href="#ac-16.1_smt"/>
           </part>
           <part id="ac-16.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(01)[03]"/>
-            <link rel="depends-on" href="#ac-16.1_smt"/>
             <p>privacy attributes are dynamically associated with <insert type="param" id-ref="ac-16.01_odp.03"/> in accordance with the following privacy policies as information is created and combined: <insert type="param" id-ref="ac-16.01_odp.06"/>;</p>
+            <link rel="depends-on" href="#ac-16.1_smt"/>
           </part>
           <part id="ac-16.1_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(01)[04]"/>
-            <link rel="depends-on" href="#ac-16.1_smt"/>
             <p>privacy attributes are dynamically associated with <insert type="param" id-ref="ac-16.01_odp.04"/> in accordance with the following privacy policies as information is created and combined: <insert type="param" id-ref="ac-16.01_odp.06"/>.</p>
+            <link rel="depends-on" href="#ac-16.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.1_smt"/>
         </part>
         <part id="ac-16.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7671,17 +7671,17 @@
         </part>
         <part id="ac-16.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(02)"/>
-          <link rel="depends-on" href="#ac-16.2_smt"/>
           <part id="ac-16.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(02)[01]"/>
-            <link rel="depends-on" href="#ac-16.2_smt"/>
             <p>authorized individuals (or processes acting on behalf of individuals) are provided with the capability to define or change the value of associated security attributes;</p>
+            <link rel="depends-on" href="#ac-16.2_smt"/>
           </part>
           <part id="ac-16.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(02)[02]"/>
-            <link rel="depends-on" href="#ac-16.2_smt"/>
             <p>authorized individuals (or processes acting on behalf of individuals) are provided with the capability to define or change the value of associated privacy attributes.</p>
+            <link rel="depends-on" href="#ac-16.2_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.2_smt"/>
         </part>
         <part id="ac-16.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7784,27 +7784,27 @@
         </part>
         <part id="ac-16.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(03)"/>
-          <link rel="depends-on" href="#ac-16.3_smt"/>
           <part id="ac-16.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(03)[01]"/>
-            <link rel="depends-on" href="#ac-16.3_smt"/>
             <p>the association and integrity of <insert type="param" id-ref="ac-16.03_odp.01"/> to <insert type="param" id-ref="ac-16.03_odp.03"/> is maintained;</p>
+            <link rel="depends-on" href="#ac-16.3_smt"/>
           </part>
           <part id="ac-16.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(03)[02]"/>
-            <link rel="depends-on" href="#ac-16.3_smt"/>
             <p>the association and integrity of <insert type="param" id-ref="ac-16.03_odp.01"/> to <insert type="param" id-ref="ac-16.03_odp.04"/> is maintained.</p>
+            <link rel="depends-on" href="#ac-16.3_smt"/>
           </part>
           <part id="ac-16.3_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(03)[03]"/>
-            <link rel="depends-on" href="#ac-16.3_smt"/>
             <p>the association and integrity of <insert type="param" id-ref="ac-16.03_odp.02"/> to <insert type="param" id-ref="ac-16.03_odp.05"/> is maintained;</p>
+            <link rel="depends-on" href="#ac-16.3_smt"/>
           </part>
           <part id="ac-16.3_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(03)[04]"/>
-            <link rel="depends-on" href="#ac-16.3_smt"/>
             <p>the association and integrity of <insert type="param" id-ref="ac-16.03_odp.02"/> to <insert type="param" id-ref="ac-16.03_odp.06"/> is maintained.</p>
+            <link rel="depends-on" href="#ac-16.3_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.3_smt"/>
         </part>
         <part id="ac-16.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -7921,27 +7921,27 @@
         </part>
         <part id="ac-16.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(04)"/>
-          <link rel="depends-on" href="#ac-16.4_smt"/>
           <part id="ac-16.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(04)[01]"/>
-            <link rel="depends-on" href="#ac-16.4_smt"/>
             <p>authorized individuals (or processes acting on behalf of individuals) are provided with the capability to associate <insert type="param" id-ref="ac-16.04_odp.01"/> with <insert type="param" id-ref="ac-16.04_odp.05"/>;</p>
+            <link rel="depends-on" href="#ac-16.4_smt"/>
           </part>
           <part id="ac-16.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(04)[02]"/>
-            <link rel="depends-on" href="#ac-16.4_smt"/>
             <p>authorized individuals (or processes acting on behalf of individuals) are provided with the capability to associate <insert type="param" id-ref="ac-16.04_odp.02"/> with <insert type="param" id-ref="ac-16.04_odp.06"/>;</p>
+            <link rel="depends-on" href="#ac-16.4_smt"/>
           </part>
           <part id="ac-16.4_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(04)[03]"/>
-            <link rel="depends-on" href="#ac-16.4_smt"/>
             <p>authorized individuals (or processes acting on behalf of individuals) are provided with the capability to associate <insert type="param" id-ref="ac-16.04_odp.03"/> with <insert type="param" id-ref="ac-16.04_odp.07"/>;</p>
+            <link rel="depends-on" href="#ac-16.4_smt"/>
           </part>
           <part id="ac-16.4_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(04)[04]"/>
-            <link rel="depends-on" href="#ac-16.4_smt"/>
             <p>authorized individuals (or processes acting on behalf of individuals) are provided with the capability to associate <insert type="param" id-ref="ac-16.04_odp.04"/> with <insert type="param" id-ref="ac-16.04_odp.08"/>.</p>
+            <link rel="depends-on" href="#ac-16.4_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.4_smt"/>
         </part>
         <part id="ac-16.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8009,17 +8009,17 @@
         </part>
         <part id="ac-16.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(05)"/>
-          <link rel="depends-on" href="#ac-16.5_smt"/>
           <part id="ac-16.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(05)[01]"/>
-            <link rel="depends-on" href="#ac-16.5_smt"/>
             <p>security attributes are displayed in human-readable form on each object that the system transmits to output devices to identify <insert type="param" id-ref="ac-16.05_odp.01"/> using <insert type="param" id-ref="ac-16.05_odp.02"/>;</p>
+            <link rel="depends-on" href="#ac-16.5_smt"/>
           </part>
           <part id="ac-16.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(05)[02]"/>
-            <link rel="depends-on" href="#ac-16.5_smt"/>
             <p>privacy attributes are displayed in human-readable form on each object that the system transmits to output devices to identify <insert type="param" id-ref="ac-16.05_odp.01"/> using <insert type="param" id-ref="ac-16.05_odp.02"/>.</p>
+            <link rel="depends-on" href="#ac-16.5_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.5_smt"/>
         </part>
         <part id="ac-16.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8157,27 +8157,27 @@
         </part>
         <part id="ac-16.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(06)"/>
-          <link rel="depends-on" href="#ac-16.6_smt"/>
           <part id="ac-16.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(06)[01]"/>
-            <link rel="depends-on" href="#ac-16.6_smt"/>
             <p>personnel are required to associate and maintain the association of <insert type="param" id-ref="ac-16.06_odp.01"/> with <insert type="param" id-ref="ac-16.06_odp.05"/> in accordance with <insert type="param" id-ref="ac-16.06_odp.09"/>;</p>
+            <link rel="depends-on" href="#ac-16.6_smt"/>
           </part>
           <part id="ac-16.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(06)[02]"/>
-            <link rel="depends-on" href="#ac-16.6_smt"/>
             <p>personnel are required to associate and maintain the association of <insert type="param" id-ref="ac-16.06_odp.02"/> with <insert type="param" id-ref="ac-16.06_odp.06"/> in accordance with <insert type="param" id-ref="ac-16.06_odp.09"/>;</p>
+            <link rel="depends-on" href="#ac-16.6_smt"/>
           </part>
           <part id="ac-16.6_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(06)[03]"/>
-            <link rel="depends-on" href="#ac-16.6_smt"/>
             <p>personnel are required to associate and maintain the association of <insert type="param" id-ref="ac-16.06_odp.03"/> with <insert type="param" id-ref="ac-16.06_odp.07"/> in accordance with <insert type="param" id-ref="ac-16.06_odp.10"/>;</p>
+            <link rel="depends-on" href="#ac-16.6_smt"/>
           </part>
           <part id="ac-16.6_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(06)[04]"/>
-            <link rel="depends-on" href="#ac-16.6_smt"/>
             <p>personnel are required to associate and maintain the association of <insert type="param" id-ref="ac-16.06_odp.04"/> with <insert type="param" id-ref="ac-16.06_odp.08"/> in accordance with <insert type="param" id-ref="ac-16.06_odp.10"/>.</p>
+            <link rel="depends-on" href="#ac-16.6_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.6_smt"/>
         </part>
         <part id="ac-16.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8222,17 +8222,17 @@
         </part>
         <part id="ac-16.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(07)"/>
-          <link rel="depends-on" href="#ac-16.7_smt"/>
           <part id="ac-16.7_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(07)[01]"/>
-            <link rel="depends-on" href="#ac-16.7_smt"/>
             <p>a consistent interpretation of security attributes transmitted between distributed system components is provided;</p>
+            <link rel="depends-on" href="#ac-16.7_smt"/>
           </part>
           <part id="ac-16.7_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(07)[02]"/>
-            <link rel="depends-on" href="#ac-16.7_smt"/>
             <p>a consistent interpretation of privacy attributes transmitted between distributed system components is provided.</p>
+            <link rel="depends-on" href="#ac-16.7_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.7_smt"/>
         </part>
         <part id="ac-16.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8303,17 +8303,17 @@
         </part>
         <part id="ac-16.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(08)"/>
-          <link rel="depends-on" href="#ac-16.8_smt"/>
           <part id="ac-16.8_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(08)[01]"/>
-            <link rel="depends-on" href="#ac-16.8_smt"/>
             <p><insert type="param" id-ref="ac-16.08_odp.01"/> are implemented in associating security attributes to information;</p>
+            <link rel="depends-on" href="#ac-16.8_smt"/>
           </part>
           <part id="ac-16.8_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(08)[02]"/>
-            <link rel="depends-on" href="#ac-16.8_smt"/>
             <p><insert type="param" id-ref="ac-16.08_odp.02"/> are implemented in associating privacy attributes to information.</p>
+            <link rel="depends-on" href="#ac-16.8_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.8_smt"/>
         </part>
         <part id="ac-16.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8380,17 +8380,17 @@
         </part>
         <part id="ac-16.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(09)"/>
-          <link rel="depends-on" href="#ac-16.9_smt"/>
           <part id="ac-16.9_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(09)[01]"/>
-            <link rel="depends-on" href="#ac-16.9_smt"/>
             <p>security attributes associated with information are changed only via regrading mechanisms validated using <insert type="param" id-ref="ac-16.09_odp.01"/>;</p>
+            <link rel="depends-on" href="#ac-16.9_smt"/>
           </part>
           <part id="ac-16.9_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(09)[02]"/>
-            <link rel="depends-on" href="#ac-16.9_smt"/>
             <p>privacy attributes associated with information are changed only via regrading mechanisms validated using <insert type="param" id-ref="ac-16.09_odp.02"/>.</p>
+            <link rel="depends-on" href="#ac-16.9_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.9_smt"/>
         </part>
         <part id="ac-16.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8438,17 +8438,17 @@
         </part>
         <part id="ac-16.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-16(10)"/>
-          <link rel="depends-on" href="#ac-16.10_smt"/>
           <part id="ac-16.10_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(10)[01]"/>
-            <link rel="depends-on" href="#ac-16.10_smt"/>
             <p>authorized individuals are provided with the capability to define or change the type and value of security attributes available for association with subjects and objects;</p>
+            <link rel="depends-on" href="#ac-16.10_smt"/>
           </part>
           <part id="ac-16.10_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-16(10)[02]"/>
-            <link rel="depends-on" href="#ac-16.10_smt"/>
             <p>authorized individuals are provided with the capability to define or change the type and value of privacy attributes available for association with subjects and objects.</p>
+            <link rel="depends-on" href="#ac-16.10_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-16.10_smt"/>
         </part>
         <part id="ac-16.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8528,31 +8528,31 @@
       </part>
       <part id="ac-17_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-17"/>
-        <link rel="depends-on" href="#ac-17_smt"/>
         <part id="ac-17_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17a."/>
-          <link rel="depends-on" href="#ac-17_smt.a"/>
           <part id="ac-17_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-17a.[01]"/>
-            <link rel="depends-on" href="#ac-17_smt.a"/>
             <p>usage restrictions are established and documented for each type of remote access allowed;</p>
+            <link rel="depends-on" href="#ac-17_smt.a"/>
           </part>
           <part id="ac-17_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-17a.[02]"/>
-            <link rel="depends-on" href="#ac-17_smt.a"/>
             <p>configuration/connection requirements are established and documented for each type of remote access allowed;</p>
+            <link rel="depends-on" href="#ac-17_smt.a"/>
           </part>
           <part id="ac-17_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-17a.[03]"/>
-            <link rel="depends-on" href="#ac-17_smt.a"/>
             <p>implementation guidance is established and documented for each type of remote access allowed;</p>
+            <link rel="depends-on" href="#ac-17_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ac-17_smt.a"/>
         </part>
         <part id="ac-17_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17b."/>
-          <link rel="depends-on" href="#ac-17_smt.b"/>
           <p>each type of remote access to the system is authorized prior to allowing such connections.</p>
+          <link rel="depends-on" href="#ac-17_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-17_smt"/>
       </part>
       <part id="ac-17_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8604,17 +8604,17 @@
         </part>
         <part id="ac-17.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17(01)"/>
-          <link rel="depends-on" href="#ac-17.1_smt"/>
           <part id="ac-17.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-17(01)[01]"/>
-            <link rel="depends-on" href="#ac-17.1_smt"/>
             <p>automated mechanisms are employed to monitor remote access methods;</p>
+            <link rel="depends-on" href="#ac-17.1_smt"/>
           </part>
           <part id="ac-17.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-17(01)[02]"/>
-            <link rel="depends-on" href="#ac-17.1_smt"/>
             <p>automated mechanisms are employed to control remote access methods.</p>
+            <link rel="depends-on" href="#ac-17.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-17.1_smt"/>
         </part>
         <part id="ac-17.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8665,8 +8665,8 @@
         </part>
         <part id="ac-17.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17(02)"/>
-          <link rel="depends-on" href="#ac-17.2_smt"/>
           <p>cryptographic mechanisms are implemented to protect the confidentiality and integrity of remote access sessions.</p>
+          <link rel="depends-on" href="#ac-17.2_smt"/>
         </part>
         <part id="ac-17.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8715,8 +8715,8 @@
         </part>
         <part id="ac-17.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17(03)"/>
-          <link rel="depends-on" href="#ac-17.3_smt"/>
           <p>remote accesses are routed through authorized and managed network access control points.</p>
+          <link rel="depends-on" href="#ac-17.3_smt"/>
         </part>
         <part id="ac-17.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8792,36 +8792,36 @@
         </part>
         <part id="ac-17.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17(04)"/>
-          <link rel="depends-on" href="#ac-17.4_smt"/>
           <part id="ac-17.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-17(04)(a)"/>
-            <link rel="depends-on" href="#ac-17.4_smt.a"/>
             <part id="ac-17.4_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-17(04)(a)[01]"/>
-              <link rel="depends-on" href="#ac-17.4_smt.a"/>
               <p>the execution of privileged commands via remote access is authorized only in a format that provides assessable evidence;</p>
+              <link rel="depends-on" href="#ac-17.4_smt.a"/>
             </part>
             <part id="ac-17.4_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-17(04)(a)[02]"/>
-              <link rel="depends-on" href="#ac-17.4_smt.a"/>
               <p>access to security-relevant information via remote access is authorized only in a format that provides assessable evidence;</p>
+              <link rel="depends-on" href="#ac-17.4_smt.a"/>
             </part>
             <part id="ac-17.4_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-17(04)(a)[03]"/>
-              <link rel="depends-on" href="#ac-17.4_smt.a"/>
               <p>the execution of privileged commands via remote access is authorized only for the following needs: <insert type="param" id-ref="ac-17.04_odp.01"/>;</p>
+              <link rel="depends-on" href="#ac-17.4_smt.a"/>
             </part>
             <part id="ac-17.4_obj.a-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-17(04)(a)[04]"/>
-              <link rel="depends-on" href="#ac-17.4_smt.a"/>
               <p>access to security-relevant information via remote access is authorized only for the following needs: <insert type="param" id-ref="ac-17.04_odp.02"/>;</p>
+              <link rel="depends-on" href="#ac-17.4_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ac-17.4_smt.a"/>
           </part>
           <part id="ac-17.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-17(04)(b)"/>
-            <link rel="depends-on" href="#ac-17.4_smt.b"/>
             <p>the rationale for remote access is documented in the security plan for the system.</p>
+            <link rel="depends-on" href="#ac-17.4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-17.4_smt"/>
         </part>
         <part id="ac-17.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8878,8 +8878,8 @@
         </part>
         <part id="ac-17.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17(06)"/>
-          <link rel="depends-on" href="#ac-17.6_smt"/>
           <p>information about remote access mechanisms is protected from unauthorized use and disclosure.</p>
+          <link rel="depends-on" href="#ac-17.6_smt"/>
         </part>
         <part id="ac-17.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -8940,8 +8940,8 @@
         </part>
         <part id="ac-17.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17(09)"/>
-          <link rel="depends-on" href="#ac-17.9_smt"/>
           <p>the capability to disconnect or disable remote access to the system within <insert type="param" id-ref="ac-17.09_odp"/> is provided.</p>
+          <link rel="depends-on" href="#ac-17.9_smt"/>
         </part>
         <part id="ac-17.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9007,8 +9007,8 @@
         </part>
         <part id="ac-17.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-17(10)"/>
-          <link rel="depends-on" href="#ac-17.10_smt"/>
           <p><insert type="param" id-ref="ac-17.10_odp.01"/> are implemented to authenticate <insert type="param" id-ref="ac-17.10_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-17.10_smt"/>
         </part>
         <part id="ac-17.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9077,31 +9077,31 @@
       </part>
       <part id="ac-18_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-18"/>
-        <link rel="depends-on" href="#ac-18_smt"/>
         <part id="ac-18_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-18a."/>
-          <link rel="depends-on" href="#ac-18_smt.a"/>
           <part id="ac-18_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18a.[01]"/>
-            <link rel="depends-on" href="#ac-18_smt.a"/>
             <p>configuration requirements are established for each type of wireless access;</p>
+            <link rel="depends-on" href="#ac-18_smt.a"/>
           </part>
           <part id="ac-18_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18a.[02]"/>
-            <link rel="depends-on" href="#ac-18_smt.a"/>
             <p>connection requirements are established for each type of wireless access;</p>
+            <link rel="depends-on" href="#ac-18_smt.a"/>
           </part>
           <part id="ac-18_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18a.[03]"/>
-            <link rel="depends-on" href="#ac-18_smt.a"/>
             <p>implementation guidance is established for each type of wireless access;</p>
+            <link rel="depends-on" href="#ac-18_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ac-18_smt.a"/>
         </part>
         <part id="ac-18_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-18b."/>
-          <link rel="depends-on" href="#ac-18_smt.b"/>
           <p>each type of wireless access to the system is authorized prior to allowing such connections.</p>
+          <link rel="depends-on" href="#ac-18_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-18_smt"/>
       </part>
       <part id="ac-18_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9159,17 +9159,17 @@
         </part>
         <part id="ac-18.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-18(01)"/>
-          <link rel="depends-on" href="#ac-18.1_smt"/>
           <part id="ac-18.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18(01)[01]"/>
-            <link rel="depends-on" href="#ac-18.1_smt"/>
             <p>wireless access to the system is protected using authentication of <insert type="param" id-ref="ac-18.01_odp"/>;</p>
+            <link rel="depends-on" href="#ac-18.1_smt"/>
           </part>
           <part id="ac-18.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18(01)[02]"/>
-            <link rel="depends-on" href="#ac-18.1_smt"/>
             <p>wireless access to the system is protected using encryption.</p>
+            <link rel="depends-on" href="#ac-18.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-18.1_smt"/>
         </part>
         <part id="ac-18.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9225,8 +9225,8 @@
         </part>
         <part id="ac-18.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-18(03)"/>
-          <link rel="depends-on" href="#ac-18.3_smt"/>
           <p>when not intended for use, wireless networking capabilities embedded within system components are disabled prior to issuance and deployment.</p>
+          <link rel="depends-on" href="#ac-18.3_smt"/>
         </part>
         <part id="ac-18.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9274,17 +9274,17 @@
         </part>
         <part id="ac-18.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-18(04)"/>
-          <link rel="depends-on" href="#ac-18.4_smt"/>
           <part id="ac-18.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18(04)[01]"/>
-            <link rel="depends-on" href="#ac-18.4_smt"/>
             <p>users allowed to independently configure wireless networking capabilities are identified;</p>
+            <link rel="depends-on" href="#ac-18.4_smt"/>
           </part>
           <part id="ac-18.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18(04)[02]"/>
-            <link rel="depends-on" href="#ac-18.4_smt"/>
             <p>users allowed to independently configure wireless networking capabilities are explicitly authorized.</p>
+            <link rel="depends-on" href="#ac-18.4_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-18.4_smt"/>
         </part>
         <part id="ac-18.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9331,17 +9331,17 @@
         </part>
         <part id="ac-18.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-18(05)"/>
-          <link rel="depends-on" href="#ac-18.5_smt"/>
           <part id="ac-18.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18(05)[01]"/>
-            <link rel="depends-on" href="#ac-18.5_smt"/>
             <p>radio antennas are selected to reduce the probability that signals from wireless access points can be received outside of organization-controlled boundaries;</p>
+            <link rel="depends-on" href="#ac-18.5_smt"/>
           </part>
           <part id="ac-18.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-18(05)[02]"/>
-            <link rel="depends-on" href="#ac-18.5_smt"/>
             <p>transmission power levels are calibrated to reduce the probability that signals from wireless access points can be received outside of organization-controlled boundaries.</p>
+            <link rel="depends-on" href="#ac-18.5_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-18.5_smt"/>
         </part>
         <part id="ac-18.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9422,31 +9422,31 @@
       </part>
       <part id="ac-19_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-19"/>
-        <link rel="depends-on" href="#ac-19_smt"/>
         <part id="ac-19_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-19a."/>
-          <link rel="depends-on" href="#ac-19_smt.a"/>
           <part id="ac-19_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-19a.[01]"/>
-            <link rel="depends-on" href="#ac-19_smt.a"/>
             <p>configuration requirements are established for organization-controlled mobile devices, including when such devices are outside of the controlled area;</p>
+            <link rel="depends-on" href="#ac-19_smt.a"/>
           </part>
           <part id="ac-19_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-19a.[02]"/>
-            <link rel="depends-on" href="#ac-19_smt.a"/>
             <p>connection requirements are established for organization-controlled mobile devices, including when such devices are outside of the controlled area;</p>
+            <link rel="depends-on" href="#ac-19_smt.a"/>
           </part>
           <part id="ac-19_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-19a.[03]"/>
-            <link rel="depends-on" href="#ac-19_smt.a"/>
             <p>implementation guidance is established for organization-controlled mobile devices, including when such devices are outside of the controlled area;</p>
+            <link rel="depends-on" href="#ac-19_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ac-19_smt.a"/>
         </part>
         <part id="ac-19_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-19b."/>
-          <link rel="depends-on" href="#ac-19_smt.b"/>
           <p>the connection of mobile devices to organizational systems is authorized.</p>
+          <link rel="depends-on" href="#ac-19_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-19_smt"/>
       </part>
       <part id="ac-19_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9564,50 +9564,50 @@
         </part>
         <part id="ac-19.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-19(04)"/>
-          <link rel="depends-on" href="#ac-19.4_smt"/>
           <part id="ac-19.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-19(04)(a)"/>
-            <link rel="depends-on" href="#ac-19.4_smt.a"/>
             <p>the use of unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information is prohibited unless specifically permitted by the authorizing official;</p>
+            <link rel="depends-on" href="#ac-19.4_smt.a"/>
           </part>
           <part id="ac-19.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-19(04)(b)"/>
-            <link rel="depends-on" href="#ac-19.4_smt.b"/>
             <part id="ac-19.4_obj.b.1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-19(04)(b)(01)"/>
-              <link rel="depends-on" href="#ac-19.4_smt.b.1"/>
               <p>prohibition of the connection of unclassified mobile devices to classified systems is enforced on individuals permitted by an authorizing official to use unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information;</p>
+              <link rel="depends-on" href="#ac-19.4_smt.b.1"/>
             </part>
             <part id="ac-19.4_obj.b.2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-19(04)(b)(02)"/>
-              <link rel="depends-on" href="#ac-19.4_smt.b.2"/>
               <p>approval by the authorizing official for the connection of unclassified mobile devices to unclassified systems is enforced on individuals permitted to use unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information;</p>
+              <link rel="depends-on" href="#ac-19.4_smt.b.2"/>
             </part>
             <part id="ac-19.4_obj.b.3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-19(04)(b)(03)"/>
-              <link rel="depends-on" href="#ac-19.4_smt.b.3"/>
               <p>prohibition of the use of internal or external modems or wireless interfaces within unclassified mobile devices is enforced on individuals permitted by an authorizing official to use unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information;</p>
+              <link rel="depends-on" href="#ac-19.4_smt.b.3"/>
             </part>
             <part id="ac-19.4_obj.b.4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AC-19(04)(b)(04)"/>
-              <link rel="depends-on" href="#ac-19.4_smt.b.4"/>
               <part id="ac-19.4_obj.b.4-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-19(04)(b)(04)[01]"/>
-                <link rel="depends-on" href="#ac-19.4_smt.b.4"/>
                 <p>random review and inspection of unclassified mobile devices and the information stored on those devices by <insert type="param" id-ref="ac-19.04_odp.01"/> are enforced;</p>
+                <link rel="depends-on" href="#ac-19.4_smt.b.4"/>
               </part>
               <part id="ac-19.4_obj.b.4-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AC-19(04)(b)(04)[02]"/>
-                <link rel="depends-on" href="#ac-19.4_smt.b.4"/>
                 <p>following of the incident handling policy is enforced if classified information is found during a random review and inspection of unclassified mobile devices;</p>
+                <link rel="depends-on" href="#ac-19.4_smt.b.4"/>
               </part>
+              <link rel="depends-on" href="#ac-19.4_smt.b.4"/>
             </part>
+            <link rel="depends-on" href="#ac-19.4_smt.b"/>
           </part>
           <part id="ac-19.4_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-19(04)(c)"/>
-            <link rel="depends-on" href="#ac-19.4_smt.c"/>
             <p>the connection of classified mobile devices to classified systems is restricted in accordance with <insert type="param" id-ref="ac-19.04_odp.02"/>.</p>
+            <link rel="depends-on" href="#ac-19.4_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ac-19.4_smt"/>
         </part>
         <part id="ac-19.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9677,8 +9677,8 @@
         </part>
         <part id="ac-19.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-19(05)"/>
-          <link rel="depends-on" href="#ac-19.5_smt"/>
           <p><insert type="param" id-ref="ac-19.05_odp.01"/> is employed to protect the confidentiality and integrity of information on <insert type="param" id-ref="ac-19.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#ac-19.5_smt"/>
         </part>
         <part id="ac-19.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9789,26 +9789,26 @@
       </part>
       <part id="ac-20_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-20"/>
-        <link rel="depends-on" href="#ac-20_smt"/>
         <part id="ac-20_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-20a."/>
-          <link rel="depends-on" href="#ac-20_smt.a"/>
           <part id="ac-20_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-20a.01"/>
-            <link rel="depends-on" href="#ac-20_smt.a.1"/>
             <p><insert type="param" id-ref="ac-20_odp.01"/> is/are consistent with the trust relationships established with other organizations owning, operating, and/or maintaining external systems, allowing authorized individuals to access the system from external systems (if applicable);</p>
+            <link rel="depends-on" href="#ac-20_smt.a.1"/>
           </part>
           <part id="ac-20_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-20a.02"/>
-            <link rel="depends-on" href="#ac-20_smt.a.2"/>
             <p><insert type="param" id-ref="ac-20_odp.01"/> is/are consistent with the trust relationships established with other organizations owning, operating, and/or maintaining external systems, allowing authorized individuals to process, store, or transmit organization-controlled information using external systems (if applicable);</p>
+            <link rel="depends-on" href="#ac-20_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#ac-20_smt.a"/>
         </part>
         <part id="ac-20_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-20b."/>
-          <link rel="depends-on" href="#ac-20_smt.b"/>
           <p>the use of <insert type="param" id-ref="ac-20_odp.04"/> is prohibited (if applicable).</p>
+          <link rel="depends-on" href="#ac-20_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-20_smt"/>
       </part>
       <part id="ac-20_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9864,17 +9864,17 @@
         </part>
         <part id="ac-20.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-20(01)"/>
-          <link rel="depends-on" href="#ac-20.1_smt"/>
           <part id="ac-20.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-20(01)(a)"/>
-            <link rel="depends-on" href="#ac-20.1_smt.a"/>
             <p>authorized individuals are permitted to use an external system to access the system or to process, store, or transmit organization-controlled information only after verification of the implementation of controls on the external system as specified in the organization’s security and privacy policies and security and privacy plans (if applicable);</p>
+            <link rel="depends-on" href="#ac-20.1_smt.a"/>
           </part>
           <part id="ac-20.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-20(01)(b)"/>
-            <link rel="depends-on" href="#ac-20.1_smt.b"/>
             <p>authorized individuals are permitted to use an external system to access the system or to process, store, or transmit organization-controlled information only after retention of approved system connection or processing agreements with the organizational entity hosting the external system (if applicable).</p>
+            <link rel="depends-on" href="#ac-20.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ac-20.1_smt"/>
         </part>
         <part id="ac-20.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9929,8 +9929,8 @@
         </part>
         <part id="ac-20.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-20(02)"/>
-          <link rel="depends-on" href="#ac-20.2_smt"/>
           <p>the use of organization-controlled portable storage devices by authorized individuals is restricted on external systems using <insert type="param" id-ref="ac-20.02_odp"/>.</p>
+          <link rel="depends-on" href="#ac-20.2_smt"/>
         </part>
         <part id="ac-20.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -9985,8 +9985,8 @@
         </part>
         <part id="ac-20.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-20(03)"/>
-          <link rel="depends-on" href="#ac-20.3_smt"/>
           <p>the use of non-organizationally owned systems or system components to process, store, or transmit organizational information is restricted using <insert type="param" id-ref="ac-20.03_odp"/>.</p>
+          <link rel="depends-on" href="#ac-20.3_smt"/>
         </part>
         <part id="ac-20.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10042,8 +10042,8 @@
         </part>
         <part id="ac-20.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-20(04)"/>
-          <link rel="depends-on" href="#ac-20.4_smt"/>
           <p>the use of <insert type="param" id-ref="ac-20.04_odp"/> is prohibited in external systems.</p>
+          <link rel="depends-on" href="#ac-20.4_smt"/>
         </part>
         <part id="ac-20.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10096,8 +10096,8 @@
         </part>
         <part id="ac-20.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-20(05)"/>
-          <link rel="depends-on" href="#ac-20.5_smt"/>
           <p>the use of organization-controlled portable storage devices by authorized individuals is prohibited on external systems.</p>
+          <link rel="depends-on" href="#ac-20.5_smt"/>
         </part>
         <part id="ac-20.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10173,17 +10173,17 @@
       </part>
       <part id="ac-21_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-21"/>
-        <link rel="depends-on" href="#ac-21_smt"/>
         <part id="ac-21_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-21a."/>
-          <link rel="depends-on" href="#ac-21_smt.a"/>
           <p>authorized users are enabled to determine whether access authorizations assigned to a sharing partner match the information’s access and use restrictions for <insert type="param" id-ref="ac-21_odp.01"/>;</p>
+          <link rel="depends-on" href="#ac-21_smt.a"/>
         </part>
         <part id="ac-21_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-21b."/>
-          <link rel="depends-on" href="#ac-21_smt.b"/>
           <p><insert type="param" id-ref="ac-21_odp.02"/> are employed to assist users in making information-sharing and collaboration decisions.</p>
+          <link rel="depends-on" href="#ac-21_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ac-21_smt"/>
       </part>
       <part id="ac-21_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10244,8 +10244,8 @@
         </part>
         <part id="ac-21.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-21(01)"/>
-          <link rel="depends-on" href="#ac-21.1_smt"/>
           <p><insert type="param" id-ref="ac-21.01_odp"/> are employed to enforce information-sharing decisions by authorized users based on access authorizations of sharing partners and access restrictions on information to be shared.</p>
+          <link rel="depends-on" href="#ac-21.1_smt"/>
         </part>
         <part id="ac-21.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10303,8 +10303,8 @@
         </part>
         <part id="ac-21.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-21(02)"/>
-          <link rel="depends-on" href="#ac-21.2_smt"/>
           <p>information search and retrieval services that enforce <insert type="param" id-ref="ac-21.02_odp"/> are implemented.</p>
+          <link rel="depends-on" href="#ac-21.2_smt"/>
         </part>
         <part id="ac-21.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10382,36 +10382,36 @@
       </part>
       <part id="ac-22_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-22"/>
-        <link rel="depends-on" href="#ac-22_smt"/>
         <part id="ac-22_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-22a."/>
-          <link rel="depends-on" href="#ac-22_smt.a"/>
           <p>designated individuals are authorized to make information publicly accessible;</p>
+          <link rel="depends-on" href="#ac-22_smt.a"/>
         </part>
         <part id="ac-22_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-22b."/>
-          <link rel="depends-on" href="#ac-22_smt.b"/>
           <p>authorized individuals are trained to ensure that publicly accessible information does not contain non-public information;</p>
+          <link rel="depends-on" href="#ac-22_smt.b"/>
         </part>
         <part id="ac-22_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-22c."/>
-          <link rel="depends-on" href="#ac-22_smt.c"/>
           <p>the proposed content of information is reviewed prior to posting onto the publicly accessible system to ensure that non-public information is not included;</p>
+          <link rel="depends-on" href="#ac-22_smt.c"/>
         </part>
         <part id="ac-22_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-22d."/>
-          <link rel="depends-on" href="#ac-22_smt.d"/>
           <part id="ac-22_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-22d.[01]"/>
-            <link rel="depends-on" href="#ac-22_smt.d"/>
             <p>the content on the publicly accessible system is reviewed for non-public information <insert type="param" id-ref="ac-22_odp"/>;</p>
+            <link rel="depends-on" href="#ac-22_smt.d"/>
           </part>
           <part id="ac-22_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-22d.[02]"/>
-            <link rel="depends-on" href="#ac-22_smt.d"/>
             <p>non-public information is removed from the publicly accessible system, if discovered.</p>
+            <link rel="depends-on" href="#ac-22_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ac-22_smt.d"/>
         </part>
+        <link rel="depends-on" href="#ac-22_smt"/>
       </part>
       <part id="ac-22_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10481,8 +10481,8 @@
       </part>
       <part id="ac-23_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-23"/>
-        <link rel="depends-on" href="#ac-23_smt"/>
         <p><insert type="param" id-ref="ac-23_odp.01"/> are employed for <insert type="param" id-ref="ac-23_odp.02"/> to detect and protect against unauthorized data mining.</p>
+        <link rel="depends-on" href="#ac-23_smt"/>
       </part>
       <part id="ac-23_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10556,8 +10556,8 @@
       </part>
       <part id="ac-24_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-24"/>
-        <link rel="depends-on" href="#ac-24_smt"/>
         <p><insert type="param" id-ref="ac-24_odp.01"/> are taken to ensure that <insert type="param" id-ref="ac-24_odp.02"/> are applied to each access request prior to access enforcement.</p>
+        <link rel="depends-on" href="#ac-24_smt"/>
       </part>
       <part id="ac-24_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10627,8 +10627,8 @@
         </part>
         <part id="ac-24.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-24(01)"/>
-          <link rel="depends-on" href="#ac-24.1_smt"/>
           <p><insert type="param" id-ref="ac-24.01_odp.01"/> is transmitted using <insert type="param" id-ref="ac-24.01_odp.02"/> to <insert type="param" id-ref="ac-24.01_odp.03"/> that enforce access control decisions.</p>
+          <link rel="depends-on" href="#ac-24.1_smt"/>
         </part>
         <part id="ac-24.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10695,17 +10695,17 @@
         </part>
         <part id="ac-24.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AC-24(02)"/>
-          <link rel="depends-on" href="#ac-24.2_smt"/>
           <part id="ac-24.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-24(02)[01]"/>
-            <link rel="depends-on" href="#ac-24.2_smt"/>
             <p>access control decisions are enforced based on <insert type="param" id-ref="ac-24.02_odp.01"/> that do not include the identity of the user or process acting on behalf of the user (if selected);</p>
+            <link rel="depends-on" href="#ac-24.2_smt"/>
           </part>
           <part id="ac-24.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AC-24(02)[02]"/>
-            <link rel="depends-on" href="#ac-24.2_smt"/>
             <p>access control decisions are enforced based on <insert type="param" id-ref="ac-24.02_odp.02"/> that do not include the identity of the user or process acting on behalf of the user (if selected).</p>
+            <link rel="depends-on" href="#ac-24.2_smt"/>
           </part>
+          <link rel="depends-on" href="#ac-24.2_smt"/>
         </part>
         <part id="ac-24.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10771,8 +10771,8 @@
       </part>
       <part id="ac-25_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AC-25"/>
-        <link rel="depends-on" href="#ac-25_smt"/>
         <p>a reference monitor is implemented for <insert type="param" id-ref="ac-25_odp"/> that is tamper-proof, always invoked, and small enough to be subject to analysis and testing, the completeness of which can be assured.</p>
+        <link rel="depends-on" href="#ac-25_smt"/>
       </part>
       <part id="ac-25_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -10935,116 +10935,116 @@
       </part>
       <part id="at-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AT-01"/>
-        <link rel="depends-on" href="#at-1_smt"/>
         <part id="at-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-01a."/>
-          <link rel="depends-on" href="#at-1_smt.a"/>
           <part id="at-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-01a.[01]"/>
-            <link rel="depends-on" href="#at-1_smt.a"/>
             <p>an awareness and training policy is developed and documented; </p>
+            <link rel="depends-on" href="#at-1_smt.a"/>
           </part>
           <part id="at-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-01a.[02]"/>
-            <link rel="depends-on" href="#at-1_smt.a"/>
             <p>the awareness and training policy is disseminated to <insert type="param" id-ref="at-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#at-1_smt.a"/>
           </part>
           <part id="at-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-01a.[03]"/>
-            <link rel="depends-on" href="#at-1_smt.a"/>
             <p>awareness and training procedures to facilitate the implementation of the awareness and training policy and associated access controls are developed and documented;</p>
+            <link rel="depends-on" href="#at-1_smt.a"/>
           </part>
           <part id="at-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-01a.[04]"/>
-            <link rel="depends-on" href="#at-1_smt.a"/>
             <p>the awareness and training procedures are disseminated to <insert type="param" id-ref="at-01_odp.02"/>.</p>
+            <link rel="depends-on" href="#at-1_smt.a"/>
           </part>
           <part id="at-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-01a.01"/>
-            <link rel="depends-on" href="#at-1_smt.a.1"/>
             <part id="at-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-01a.01(a)"/>
-              <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               <part id="at-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AT-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy addresses purpose;</p>
+                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               </part>
               <part id="at-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AT-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy addresses scope;</p>
+                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               </part>
               <part id="at-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AT-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy addresses roles;</p>
+                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               </part>
               <part id="at-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AT-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               </part>
               <part id="at-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AT-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy addresses management commitment;</p>
+                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               </part>
               <part id="at-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AT-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               </part>
               <part id="at-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AT-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy addresses compliance; and</p>
+                <link rel="depends-on" href="#at-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#at-1_smt.a.1.a"/>
             </part>
             <part id="at-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-01a.01(b)"/>
-              <link rel="depends-on" href="#at-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="at-01_odp.03"/> awareness and training policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines; and</p>
+              <link rel="depends-on" href="#at-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#at-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#at-1_smt.a"/>
         </part>
         <part id="at-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-01b."/>
-          <link rel="depends-on" href="#at-1_smt.b"/>
           <p>the <insert type="param" id-ref="at-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the awareness and training policy and procedures;</p>
+          <link rel="depends-on" href="#at-1_smt.b"/>
         </part>
         <part id="at-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-01c."/>
-          <link rel="depends-on" href="#at-1_smt.c"/>
           <part id="at-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-01c.01"/>
-            <link rel="depends-on" href="#at-1_smt.c.1"/>
             <part id="at-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-01c.01[01]"/>
-              <link rel="depends-on" href="#at-1_smt.c.1"/>
               <p>the current awareness and training policy is reviewed and updated <insert type="param" id-ref="at-01_odp.05"/>; </p>
+              <link rel="depends-on" href="#at-1_smt.c.1"/>
             </part>
             <part id="at-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-01c.01[02]"/>
-              <link rel="depends-on" href="#at-1_smt.c.1"/>
               <p>the current awareness and training policy is reviewed and updated following <insert type="param" id-ref="at-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#at-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#at-1_smt.c.1"/>
           </part>
           <part id="at-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-01c.02"/>
-            <link rel="depends-on" href="#at-1_smt.c.2"/>
             <part id="at-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-01c.02[01]"/>
-              <link rel="depends-on" href="#at-1_smt.c.2"/>
               <p>the current awareness and training procedures are reviewed and updated <insert type="param" id-ref="at-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#at-1_smt.c.2"/>
             </part>
             <part id="at-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-01c.02[02]"/>
-              <link rel="depends-on" href="#at-1_smt.c.2"/>
               <p>the current awareness and training procedures are reviewed and updated following <insert type="param" id-ref="at-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#at-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#at-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#at-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#at-1_smt"/>
       </part>
       <part id="at-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11188,73 +11188,73 @@
       </part>
       <part id="at-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AT-02"/>
-        <link rel="depends-on" href="#at-2_smt"/>
         <part id="at-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02a."/>
-          <link rel="depends-on" href="#at-2_smt.a"/>
           <part id="at-2_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02a.01"/>
-            <link rel="depends-on" href="#at-2_smt.a.1"/>
             <part id="at-2_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-02a.01[01]"/>
-              <link rel="depends-on" href="#at-2_smt.a.1"/>
               <p>security literacy training is provided to system users (including managers, senior executives, and contractors) as part of initial training for new users;</p>
+              <link rel="depends-on" href="#at-2_smt.a.1"/>
             </part>
             <part id="at-2_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-02a.01[02]"/>
-              <link rel="depends-on" href="#at-2_smt.a.1"/>
               <p>privacy literacy training is provided to system users (including managers, senior executives, and contractors) as part of initial training for new users;</p>
+              <link rel="depends-on" href="#at-2_smt.a.1"/>
             </part>
             <part id="at-2_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-02a.01[03]"/>
-              <link rel="depends-on" href="#at-2_smt.a.1"/>
               <p>security literacy training is provided to system users (including managers, senior executives, and contractors) <insert type="param" id-ref="at-02_odp.01"/> thereafter;</p>
+              <link rel="depends-on" href="#at-2_smt.a.1"/>
             </part>
             <part id="at-2_obj.a.1-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-02a.01[04]"/>
-              <link rel="depends-on" href="#at-2_smt.a.1"/>
               <p>privacy literacy training is provided to system users (including managers, senior executives, and contractors) <insert type="param" id-ref="at-02_odp.02"/> thereafter;</p>
+              <link rel="depends-on" href="#at-2_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#at-2_smt.a.1"/>
           </part>
           <part id="at-2_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02a.02"/>
-            <link rel="depends-on" href="#at-2_smt.a.2"/>
             <part id="at-2_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-02a.02[01]"/>
-              <link rel="depends-on" href="#at-2_smt.a.2"/>
               <p>security literacy training is provided to system users (including managers, senior executives, and contractors) when required by system changes or following <insert type="param" id-ref="at-02_odp.03"/>;</p>
+              <link rel="depends-on" href="#at-2_smt.a.2"/>
             </part>
             <part id="at-2_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-02a.02[02]"/>
-              <link rel="depends-on" href="#at-2_smt.a.2"/>
               <p>privacy literacy training is provided to system users (including managers, senior executives, and contractors) when required by system changes or following <insert type="param" id-ref="at-02_odp.04"/>;</p>
+              <link rel="depends-on" href="#at-2_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#at-2_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#at-2_smt.a"/>
         </part>
         <part id="at-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02b."/>
-          <link rel="depends-on" href="#at-2_smt.b"/>
           <p><insert type="param" id-ref="at-02_odp.05"/> are employed to increase the security and privacy awareness of system users;</p>
+          <link rel="depends-on" href="#at-2_smt.b"/>
         </part>
         <part id="at-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02c."/>
-          <link rel="depends-on" href="#at-2_smt.c"/>
           <part id="at-2_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02c.[01]"/>
-            <link rel="depends-on" href="#at-2_smt.c"/>
             <p>literacy training and awareness content is updated <insert type="param" id-ref="at-02_odp.06"/>;</p>
+            <link rel="depends-on" href="#at-2_smt.c"/>
           </part>
           <part id="at-2_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02c.[02]"/>
-            <link rel="depends-on" href="#at-2_smt.c"/>
             <p>literacy training and awareness content is updated following <insert type="param" id-ref="at-02_odp.07"/>;</p>
+            <link rel="depends-on" href="#at-2_smt.c"/>
           </part>
+          <link rel="depends-on" href="#at-2_smt.c"/>
         </part>
         <part id="at-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02d."/>
-          <link rel="depends-on" href="#at-2_smt.d"/>
           <p>lessons learned from internal or external security incidents or breaches are incorporated into literacy training and awareness techniques.</p>
+          <link rel="depends-on" href="#at-2_smt.d"/>
         </part>
+        <link rel="depends-on" href="#at-2_smt"/>
       </part>
       <part id="at-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11307,8 +11307,8 @@
         </part>
         <part id="at-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02(01)"/>
-          <link rel="depends-on" href="#at-2.1_smt"/>
           <p>practical exercises in literacy training that simulate events and incidents are provided.</p>
+          <link rel="depends-on" href="#at-2.1_smt"/>
         </part>
         <part id="at-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11357,17 +11357,17 @@
         </part>
         <part id="at-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02(02)"/>
-          <link rel="depends-on" href="#at-2.2_smt"/>
           <part id="at-2.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(02)[01]"/>
-            <link rel="depends-on" href="#at-2.2_smt"/>
             <p>literacy training on recognizing potential indicators of insider threat is provided;</p>
+            <link rel="depends-on" href="#at-2.2_smt"/>
           </part>
           <part id="at-2.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(02)[02]"/>
-            <link rel="depends-on" href="#at-2.2_smt"/>
             <p>literacy training on reporting potential indicators of insider threat is provided.</p>
+            <link rel="depends-on" href="#at-2.2_smt"/>
           </part>
+          <link rel="depends-on" href="#at-2.2_smt"/>
         </part>
         <part id="at-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11408,27 +11408,27 @@
         </part>
         <part id="at-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02(03)"/>
-          <link rel="depends-on" href="#at-2.3_smt"/>
           <part id="at-2.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(03)[01]"/>
-            <link rel="depends-on" href="#at-2.3_smt"/>
             <p>literacy training on recognizing potential and actual instances of social engineering is provided;</p>
+            <link rel="depends-on" href="#at-2.3_smt"/>
           </part>
           <part id="at-2.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(03)[02]"/>
-            <link rel="depends-on" href="#at-2.3_smt"/>
             <p>literacy training on reporting potential and actual instances of social engineering is provided;</p>
+            <link rel="depends-on" href="#at-2.3_smt"/>
           </part>
           <part id="at-2.3_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(03)[03]"/>
-            <link rel="depends-on" href="#at-2.3_smt"/>
             <p>literacy training on recognizing potential and actual instances of social mining is provided;</p>
+            <link rel="depends-on" href="#at-2.3_smt"/>
           </part>
           <part id="at-2.3_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(03)[04]"/>
-            <link rel="depends-on" href="#at-2.3_smt"/>
             <p>literacy training on reporting potential and actual instances of social mining is provided.</p>
+            <link rel="depends-on" href="#at-2.3_smt"/>
           </part>
+          <link rel="depends-on" href="#at-2.3_smt"/>
         </part>
         <part id="at-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11477,8 +11477,8 @@
         </part>
         <part id="at-2.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02(04)"/>
-          <link rel="depends-on" href="#at-2.4_smt"/>
           <p>literacy training on recognizing suspicious communications and anomalous behavior in organizational systems using <insert type="param" id-ref="at-02.04_odp"/> is provided.</p>
+          <link rel="depends-on" href="#at-2.4_smt"/>
         </part>
         <part id="at-2.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11519,8 +11519,8 @@
         </part>
         <part id="at-2.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02(05)"/>
-          <link rel="depends-on" href="#at-2.5_smt"/>
           <p>literacy training on the advanced persistent threat is provided.</p>
+          <link rel="depends-on" href="#at-2.5_smt"/>
         </part>
         <part id="at-2.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11569,17 +11569,17 @@
         </part>
         <part id="at-2.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-02(06)"/>
-          <link rel="depends-on" href="#at-2.6_smt"/>
           <part id="at-2.6_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(06)(a)"/>
-            <link rel="depends-on" href="#at-2.6_smt.a"/>
             <p>literacy training on the cyber threat environment is provided;</p>
+            <link rel="depends-on" href="#at-2.6_smt.a"/>
           </part>
           <part id="at-2.6_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-02(06)(b)"/>
-            <link rel="depends-on" href="#at-2.6_smt.b"/>
             <p>system operations reflects current cyber threat information.</p>
+            <link rel="depends-on" href="#at-2.6_smt.b"/>
           </part>
+          <link rel="depends-on" href="#at-2.6_smt"/>
         </part>
         <part id="at-2.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11708,68 +11708,68 @@
       </part>
       <part id="at-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AT-03"/>
-        <link rel="depends-on" href="#at-3_smt"/>
         <part id="at-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-03a."/>
-          <link rel="depends-on" href="#at-3_smt.a"/>
           <part id="at-3_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-03a.01"/>
-            <link rel="depends-on" href="#at-3_smt.a.1"/>
             <part id="at-3_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-03a.01[01]"/>
-              <link rel="depends-on" href="#at-3_smt.a.1"/>
               <p>role-based security training is provided to <insert type="param" id-ref="at-03_odp.01"/> before authorizing access to the system, information, or performing assigned duties;</p>
+              <link rel="depends-on" href="#at-3_smt.a.1"/>
             </part>
             <part id="at-3_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-03a.01[02]"/>
-              <link rel="depends-on" href="#at-3_smt.a.1"/>
               <p>role-based privacy training is provided to <insert type="param" id-ref="at-03_odp.02"/> before authorizing access to the system, information, or performing assigned duties;</p>
+              <link rel="depends-on" href="#at-3_smt.a.1"/>
             </part>
             <part id="at-3_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-03a.01[03]"/>
-              <link rel="depends-on" href="#at-3_smt.a.1"/>
               <p>role-based security training is provided to <insert type="param" id-ref="at-03_odp.01"/> <insert type="param" id-ref="at-03_odp.03"/> thereafter;</p>
+              <link rel="depends-on" href="#at-3_smt.a.1"/>
             </part>
             <part id="at-3_obj.a.1-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-03a.01[04]"/>
-              <link rel="depends-on" href="#at-3_smt.a.1"/>
               <p>role-based privacy training is provided to <insert type="param" id-ref="at-03_odp.02"/> <insert type="param" id-ref="at-03_odp.03"/> thereafter;</p>
+              <link rel="depends-on" href="#at-3_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#at-3_smt.a.1"/>
           </part>
           <part id="at-3_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-03a.02"/>
-            <link rel="depends-on" href="#at-3_smt.a.2"/>
             <part id="at-3_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-03a.02[01]"/>
-              <link rel="depends-on" href="#at-3_smt.a.2"/>
               <p>role-based security training is provided to personnel with assigned security roles and responsibilities when required by system changes;</p>
+              <link rel="depends-on" href="#at-3_smt.a.2"/>
             </part>
             <part id="at-3_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AT-03a.02[02]"/>
-              <link rel="depends-on" href="#at-3_smt.a.2"/>
               <p>role-based privacy training is provided to personnel with assigned security roles and responsibilities when required by system changes;</p>
+              <link rel="depends-on" href="#at-3_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#at-3_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#at-3_smt.a"/>
         </part>
         <part id="at-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-03b."/>
-          <link rel="depends-on" href="#at-3_smt.b"/>
           <part id="at-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-03b.[01]"/>
-            <link rel="depends-on" href="#at-3_smt.b"/>
             <p>role-based training content is updated <insert type="param" id-ref="at-03_odp.04"/>;</p>
+            <link rel="depends-on" href="#at-3_smt.b"/>
           </part>
           <part id="at-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-03b.[02]"/>
-            <link rel="depends-on" href="#at-3_smt.b"/>
             <p>role-based training content is updated following <insert type="param" id-ref="at-03_odp.05"/>;</p>
+            <link rel="depends-on" href="#at-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#at-3_smt.b"/>
         </part>
         <part id="at-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-03c."/>
-          <link rel="depends-on" href="#at-3_smt.c"/>
           <p>lessons learned from internal or external security incidents or breaches are incorporated into role-based training.</p>
+          <link rel="depends-on" href="#at-3_smt.c"/>
         </part>
+        <link rel="depends-on" href="#at-3_smt"/>
       </part>
       <part id="at-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11838,8 +11838,8 @@
         </part>
         <part id="at-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-03(01)"/>
-          <link rel="depends-on" href="#at-3.1_smt"/>
           <p><insert type="param" id-ref="at-03.01_odp.01"/> are provided with initial and refresher training <insert type="param" id-ref="at-03.01_odp.02"/> in the employment and operation of environmental controls.</p>
+          <link rel="depends-on" href="#at-3.1_smt"/>
         </part>
         <part id="at-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11899,8 +11899,8 @@
         </part>
         <part id="at-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-03(02)"/>
-          <link rel="depends-on" href="#at-3.2_smt"/>
           <p><insert type="param" id-ref="at-03.02_odp.01"/> is/are provided with initial and refresher training <insert type="param" id-ref="at-03.02_odp.02"/> in the employment and operation of physical security controls.</p>
+          <link rel="depends-on" href="#at-3.2_smt"/>
         </part>
         <part id="at-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -11941,17 +11941,17 @@
         </part>
         <part id="at-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-03(03)"/>
-          <link rel="depends-on" href="#at-3.3_smt"/>
           <part id="at-3.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-03(03)[01]"/>
-            <link rel="depends-on" href="#at-3.3_smt"/>
             <p>practical exercises in security training that reinforce training objectives are provided;</p>
+            <link rel="depends-on" href="#at-3.3_smt"/>
           </part>
           <part id="at-3.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-03(03)[02]"/>
-            <link rel="depends-on" href="#at-3.3_smt"/>
             <p>practical exercises in privacy training that reinforce training objectives are provided.</p>
+            <link rel="depends-on" href="#at-3.3_smt"/>
           </part>
+          <link rel="depends-on" href="#at-3.3_smt"/>
         </part>
         <part id="at-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12020,8 +12020,8 @@
         </part>
         <part id="at-3.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-03(05)"/>
-          <link rel="depends-on" href="#at-3.5_smt"/>
           <p><insert type="param" id-ref="at-03.05_odp.01"/> are provided with initial and refresher training <insert type="param" id-ref="at-03.05_odp.02"/> in the employment and operation of personally identifiable information processing and transparency controls.</p>
+          <link rel="depends-on" href="#at-3.5_smt"/>
         </part>
         <part id="at-3.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12090,26 +12090,26 @@
       </part>
       <part id="at-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AT-04"/>
-        <link rel="depends-on" href="#at-4_smt"/>
         <part id="at-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-04a."/>
-          <link rel="depends-on" href="#at-4_smt.a"/>
           <part id="at-4_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-04a.[01]"/>
-            <link rel="depends-on" href="#at-4_smt.a"/>
             <p>information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training, are documented;</p>
+            <link rel="depends-on" href="#at-4_smt.a"/>
           </part>
           <part id="at-4_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AT-04a.[02]"/>
-            <link rel="depends-on" href="#at-4_smt.a"/>
             <p>information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training, are monitored;</p>
+            <link rel="depends-on" href="#at-4_smt.a"/>
           </part>
+          <link rel="depends-on" href="#at-4_smt.a"/>
         </part>
         <part id="at-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AT-04b."/>
-          <link rel="depends-on" href="#at-4_smt.b"/>
           <p>individual training records are retained for <insert type="param" id-ref="at-04_odp"/>.</p>
+          <link rel="depends-on" href="#at-4_smt.b"/>
         </part>
+        <link rel="depends-on" href="#at-4_smt"/>
       </part>
       <part id="at-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12177,8 +12177,8 @@
       </part>
       <part id="at-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AT-06"/>
-        <link rel="depends-on" href="#at-6_smt"/>
         <p>feedback on organizational training results is provided <insert type="param" id-ref="at-06_odp.01"/> to <insert type="param" id-ref="at-06_odp.02"/>.</p>
+        <link rel="depends-on" href="#at-6_smt"/>
       </part>
       <part id="at-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12334,116 +12334,116 @@
       </part>
       <part id="au-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-01"/>
-        <link rel="depends-on" href="#au-1_smt"/>
         <part id="au-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-01a."/>
-          <link rel="depends-on" href="#au-1_smt.a"/>
           <part id="au-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-01a.[01]"/>
-            <link rel="depends-on" href="#au-1_smt.a"/>
             <p>an audit and accountability policy is developed and documented;</p>
+            <link rel="depends-on" href="#au-1_smt.a"/>
           </part>
           <part id="au-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-01a.[02]"/>
-            <link rel="depends-on" href="#au-1_smt.a"/>
             <p>the audit and accountability policy is disseminated to <insert type="param" id-ref="au-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#au-1_smt.a"/>
           </part>
           <part id="au-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-01a.[03]"/>
-            <link rel="depends-on" href="#au-1_smt.a"/>
             <p>audit and accountability procedures to facilitate the implementation of the audit and accountability policy and associated audit and accountability controls are developed and documented;</p>
+            <link rel="depends-on" href="#au-1_smt.a"/>
           </part>
           <part id="au-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-01a.[04]"/>
-            <link rel="depends-on" href="#au-1_smt.a"/>
             <p>the audit and accountability procedures are disseminated to <insert type="param" id-ref="au-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#au-1_smt.a"/>
           </part>
           <part id="au-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-01a.01"/>
-            <link rel="depends-on" href="#au-1_smt.a.1"/>
             <part id="au-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AU-01a.01(a)"/>
-              <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               <part id="au-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AU-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy addresses purpose;</p>
+                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               </part>
               <part id="au-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AU-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy addresses scope;</p>
+                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               </part>
               <part id="au-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AU-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy addresses roles;</p>
+                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               </part>
               <part id="au-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AU-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               </part>
               <part id="au-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AU-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy addresses management commitment;</p>
+                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               </part>
               <part id="au-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AU-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               </part>
               <part id="au-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="AU-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy addresses compliance;</p>
+                <link rel="depends-on" href="#au-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#au-1_smt.a.1.a"/>
             </part>
             <part id="au-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AU-01a.01(b)"/>
-              <link rel="depends-on" href="#au-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="au-01_odp.03"/> of the audit and accountability policy is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#au-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#au-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#au-1_smt.a"/>
         </part>
         <part id="au-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-01b."/>
-          <link rel="depends-on" href="#au-1_smt.b"/>
           <p>the <insert type="param" id-ref="au-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the audit and accountability policy and procedures;</p>
+          <link rel="depends-on" href="#au-1_smt.b"/>
         </part>
         <part id="au-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-01c."/>
-          <link rel="depends-on" href="#au-1_smt.c"/>
           <part id="au-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-01c.01"/>
-            <link rel="depends-on" href="#au-1_smt.c.1"/>
             <part id="au-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AU-01c.01[01]"/>
-              <link rel="depends-on" href="#au-1_smt.c.1"/>
               <p>the current audit and accountability policy is reviewed and updated <insert type="param" id-ref="au-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#au-1_smt.c.1"/>
             </part>
             <part id="au-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AU-01c.01[02]"/>
-              <link rel="depends-on" href="#au-1_smt.c.1"/>
               <p>the current audit and accountability policy is reviewed and updated following <insert type="param" id-ref="au-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#au-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#au-1_smt.c.1"/>
           </part>
           <part id="au-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-01c.02"/>
-            <link rel="depends-on" href="#au-1_smt.c.2"/>
             <part id="au-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AU-01c.02[01]"/>
-              <link rel="depends-on" href="#au-1_smt.c.2"/>
               <p>the current audit and accountability procedures are reviewed and updated <insert type="param" id-ref="au-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#au-1_smt.c.2"/>
             </part>
             <part id="au-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="AU-01c.02[02]"/>
-              <link rel="depends-on" href="#au-1_smt.c.2"/>
               <p>the current audit and accountability procedures are reviewed and updated following <insert type="param" id-ref="au-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#au-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#au-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#au-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#au-1_smt"/>
       </part>
       <part id="au-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12571,41 +12571,41 @@
       </part>
       <part id="au-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-02"/>
-        <link rel="depends-on" href="#au-2_smt"/>
         <part id="au-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-02a."/>
-          <link rel="depends-on" href="#au-2_smt.a"/>
           <p><insert type="param" id-ref="au-02_odp.01"/> that the system is capable of logging are identified in support of the audit logging function;</p>
+          <link rel="depends-on" href="#au-2_smt.a"/>
         </part>
         <part id="au-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-02b."/>
-          <link rel="depends-on" href="#au-2_smt.b"/>
           <p>the event logging function is coordinated with other organizational entities requiring audit-related information to guide and inform the selection criteria for events to be logged;</p>
+          <link rel="depends-on" href="#au-2_smt.b"/>
         </part>
         <part id="au-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-02c."/>
-          <link rel="depends-on" href="#au-2_smt.c"/>
           <part id="au-2_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-02c.[01]"/>
-            <link rel="depends-on" href="#au-2_smt.c"/>
             <p><insert type="param" id-ref="au-02_odp.02"/> are specified for logging within the system;</p>
+            <link rel="depends-on" href="#au-2_smt.c"/>
           </part>
           <part id="au-2_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-02c.[02]"/>
-            <link rel="depends-on" href="#au-2_smt.c"/>
             <p>the specified event types are logged within the system <insert type="param" id-ref="au-02_odp.03"/>;</p>
+            <link rel="depends-on" href="#au-2_smt.c"/>
           </part>
+          <link rel="depends-on" href="#au-2_smt.c"/>
         </part>
         <part id="au-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-02d."/>
-          <link rel="depends-on" href="#au-2_smt.d"/>
           <p>a rationale is provided for why the event types selected for logging are deemed to be adequate to support after-the-fact investigations of incidents;</p>
+          <link rel="depends-on" href="#au-2_smt.d"/>
         </part>
         <part id="au-2_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-02e."/>
-          <link rel="depends-on" href="#au-2_smt.e"/>
           <p>the event types selected for logging are reviewed and updated <insert type="param" id-ref="au-02_odp.04"/>.</p>
+          <link rel="depends-on" href="#au-2_smt.e"/>
         </part>
+        <link rel="depends-on" href="#au-2_smt"/>
       </part>
       <part id="au-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12720,37 +12720,37 @@
       </part>
       <part id="au-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-03"/>
-        <link rel="depends-on" href="#au-3_smt"/>
         <part id="au-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03a."/>
-          <link rel="depends-on" href="#au-3_smt.a"/>
           <p>audit records contain information that establishes what type of event occurred;</p>
+          <link rel="depends-on" href="#au-3_smt.a"/>
         </part>
         <part id="au-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03b."/>
-          <link rel="depends-on" href="#au-3_smt.b"/>
           <p>audit records contain information that establishes when the event occurred;</p>
+          <link rel="depends-on" href="#au-3_smt.b"/>
         </part>
         <part id="au-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03c."/>
-          <link rel="depends-on" href="#au-3_smt.c"/>
           <p>audit records contain information that establishes where the event occurred;</p>
+          <link rel="depends-on" href="#au-3_smt.c"/>
         </part>
         <part id="au-3_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03d."/>
-          <link rel="depends-on" href="#au-3_smt.d"/>
           <p>audit records contain information that establishes the source of the event;</p>
+          <link rel="depends-on" href="#au-3_smt.d"/>
         </part>
         <part id="au-3_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03e."/>
-          <link rel="depends-on" href="#au-3_smt.e"/>
           <p>audit records contain information that establishes the outcome of the event;</p>
+          <link rel="depends-on" href="#au-3_smt.e"/>
         </part>
         <part id="au-3_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03f."/>
-          <link rel="depends-on" href="#au-3_smt.f"/>
           <p>audit records contain information that establishes the identity of any individuals, subjects, or objects/entities associated with the event.</p>
+          <link rel="depends-on" href="#au-3_smt.f"/>
         </part>
+        <link rel="depends-on" href="#au-3_smt"/>
       </part>
       <part id="au-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12807,8 +12807,8 @@
         </part>
         <part id="au-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03(01)"/>
-          <link rel="depends-on" href="#au-3.1_smt"/>
           <p>generated audit records contain the following <insert type="param" id-ref="au-03.01_odp"/>.</p>
+          <link rel="depends-on" href="#au-3.1_smt"/>
         </part>
         <part id="au-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12875,8 +12875,8 @@
         </part>
         <part id="au-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-03(03)"/>
-          <link rel="depends-on" href="#au-3.3_smt"/>
           <p>personally identifiable information contained in audit records is limited to <insert type="param" id-ref="au-03.03_odp"/> identified in the privacy risk assessment.</p>
+          <link rel="depends-on" href="#au-3.3_smt"/>
         </part>
         <part id="au-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -12947,8 +12947,8 @@
       </part>
       <part id="au-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-04"/>
-        <link rel="depends-on" href="#au-4_smt"/>
         <p>audit log storage capacity is allocated to accommodate <insert type="param" id-ref="au-04_odp"/>.</p>
+        <link rel="depends-on" href="#au-4_smt"/>
       </part>
       <part id="au-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13007,8 +13007,8 @@
         </part>
         <part id="au-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-04(01)"/>
-          <link rel="depends-on" href="#au-4.1_smt"/>
           <p>audit logs are transferred <insert type="param" id-ref="au-04.01_odp"/> to a different system, system component, or media other than the system or system component conducting the logging.</p>
+          <link rel="depends-on" href="#au-4.1_smt"/>
         </part>
         <part id="au-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13098,17 +13098,17 @@
       </part>
       <part id="au-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-05"/>
-        <link rel="depends-on" href="#au-5_smt"/>
         <part id="au-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-05a."/>
-          <link rel="depends-on" href="#au-5_smt.a"/>
           <p><insert type="param" id-ref="au-05_odp.01"/> are alerted in the event of an audit logging process failure within <insert type="param" id-ref="au-05_odp.02"/>;</p>
+          <link rel="depends-on" href="#au-5_smt.a"/>
         </part>
         <part id="au-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-05b."/>
-          <link rel="depends-on" href="#au-5_smt.b"/>
           <p><insert type="param" id-ref="au-05_odp.03"/> are taken in the event of an audit logging process failure.</p>
+          <link rel="depends-on" href="#au-5_smt.b"/>
         </part>
+        <link rel="depends-on" href="#au-5_smt"/>
       </part>
       <part id="au-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13181,8 +13181,8 @@
         </part>
         <part id="au-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-05(01)"/>
-          <link rel="depends-on" href="#au-5.1_smt"/>
           <p>a warning is provided to <insert type="param" id-ref="au-05.01_odp.01"/> within <insert type="param" id-ref="au-05.01_odp.02"/> when allocated audit log storage volume reaches <insert type="param" id-ref="au-05.01_odp.03"/> of repository maximum audit log storage capacity.</p>
+          <link rel="depends-on" href="#au-5.1_smt"/>
         </part>
         <part id="au-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13254,8 +13254,8 @@
         </part>
         <part id="au-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-05(02)"/>
-          <link rel="depends-on" href="#au-5.2_smt"/>
           <p>an alert is provided within <insert type="param" id-ref="au-05.02_odp.01"/> to <insert type="param" id-ref="au-05.02_odp.02"/> when <insert type="param" id-ref="au-05.02_odp.03"/> occur.</p>
+          <link rel="depends-on" href="#au-5.2_smt"/>
         </part>
         <part id="au-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13305,17 +13305,17 @@
         </part>
         <part id="au-5.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-05(03)"/>
-          <link rel="depends-on" href="#au-5.3_smt"/>
           <part id="au-5.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-05(03)[01]"/>
-            <link rel="depends-on" href="#au-5.3_smt"/>
             <p>configurable network communications traffic volume thresholds reflecting limits on audit log storage capacity are enforced;</p>
+            <link rel="depends-on" href="#au-5.3_smt"/>
           </part>
           <part id="au-5.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-05(03)[02]"/>
-            <link rel="depends-on" href="#au-5.3_smt"/>
             <p>network traffic is <insert type="param" id-ref="au-05.03_odp"/> if network traffic volume is above configured thresholds.</p>
+            <link rel="depends-on" href="#au-5.3_smt"/>
           </part>
+          <link rel="depends-on" href="#au-5.3_smt"/>
         </part>
         <part id="au-5.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13375,8 +13375,8 @@
         </part>
         <part id="au-5.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-05(04)"/>
-          <link rel="depends-on" href="#au-5.4_smt"/>
           <p><insert type="param" id-ref="au-05.04_odp.01"/> is/are invoked in the event of <insert type="param" id-ref="au-05.04_odp.02"/> , unless an alternate audit logging capability exists.</p>
+          <link rel="depends-on" href="#au-5.4_smt"/>
         </part>
         <part id="au-5.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13434,8 +13434,8 @@
         </part>
         <part id="au-5.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-05(05)"/>
-          <link rel="depends-on" href="#au-5.5_smt"/>
           <p>an alternate audit logging capability is provided in the event of a failure in primary audit logging capability that implements <insert type="param" id-ref="au-05.05_odp"/>.</p>
+          <link rel="depends-on" href="#au-5.5_smt"/>
         </part>
         <part id="au-5.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13552,22 +13552,22 @@
       </part>
       <part id="au-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-06"/>
-        <link rel="depends-on" href="#au-6_smt"/>
         <part id="au-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06a."/>
-          <link rel="depends-on" href="#au-6_smt.a"/>
           <p>system audit records are reviewed and analyzed <insert type="param" id-ref="au-06_odp.01"/> for indications of <insert type="param" id-ref="au-06_odp.02"/> and the potential impact of the inappropriate or unusual activity;</p>
+          <link rel="depends-on" href="#au-6_smt.a"/>
         </part>
         <part id="au-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06b."/>
-          <link rel="depends-on" href="#au-6_smt.b"/>
           <p>findings are reported to <insert type="param" id-ref="au-06_odp.03"/>;</p>
+          <link rel="depends-on" href="#au-6_smt.b"/>
         </part>
         <part id="au-6_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06c."/>
-          <link rel="depends-on" href="#au-6_smt.c"/>
           <p>the level of audit record review, analysis, and reporting within the system is adjusted when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.</p>
+          <link rel="depends-on" href="#au-6_smt.c"/>
         </part>
+        <link rel="depends-on" href="#au-6_smt"/>
       </part>
       <part id="au-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13615,8 +13615,8 @@
         </part>
         <part id="au-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(01)"/>
-          <link rel="depends-on" href="#au-6.1_smt"/>
           <p>audit record review, analysis, and reporting processes are integrated using <insert type="param" id-ref="au-06.01_odp"/>.</p>
+          <link rel="depends-on" href="#au-6.1_smt"/>
         </part>
         <part id="au-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13675,8 +13675,8 @@
         </part>
         <part id="au-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(03)"/>
-          <link rel="depends-on" href="#au-6.3_smt"/>
           <p>audit records across different repositories are analyzed and correlated to gain organization-wide situational awareness.</p>
+          <link rel="depends-on" href="#au-6.3_smt"/>
         </part>
         <part id="au-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13726,17 +13726,17 @@
         </part>
         <part id="au-6.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(04)"/>
-          <link rel="depends-on" href="#au-6.4_smt"/>
           <part id="au-6.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-06(04)[01]"/>
-            <link rel="depends-on" href="#au-6.4_smt"/>
             <p>the capability to centrally review and analyze audit records from multiple components within the system is provided;</p>
+            <link rel="depends-on" href="#au-6.4_smt"/>
           </part>
           <part id="au-6.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-06(04)[02]"/>
-            <link rel="depends-on" href="#au-6.4_smt"/>
             <p>the capability to centrally review and analyze audit records from multiple components within the system is implemented.</p>
+            <link rel="depends-on" href="#au-6.4_smt"/>
           </part>
+          <link rel="depends-on" href="#au-6.4_smt"/>
         </part>
         <part id="au-6.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13805,8 +13805,8 @@
         </part>
         <part id="au-6.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(05)"/>
-          <link rel="depends-on" href="#au-6.5_smt"/>
           <p>analysis of audit records is integrated with analysis of <insert type="param" id-ref="au-06.05_odp.01"/> to further enhance the ability to identify inappropriate or unusual activity.</p>
+          <link rel="depends-on" href="#au-6.5_smt"/>
         </part>
         <part id="au-6.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13854,8 +13854,8 @@
         </part>
         <part id="au-6.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(06)"/>
-          <link rel="depends-on" href="#au-6.6_smt"/>
           <p>information from audit records is correlated with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity.</p>
+          <link rel="depends-on" href="#au-6.6_smt"/>
         </part>
         <part id="au-6.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13914,8 +13914,8 @@
         </part>
         <part id="au-6.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(07)"/>
-          <link rel="depends-on" href="#au-6.7_smt"/>
           <p>the permitted actions for each <insert type="param" id-ref="au-06.07_odp"/> associated with the review, analysis, and reporting of audit record information are specified.</p>
+          <link rel="depends-on" href="#au-6.7_smt"/>
         </part>
         <part id="au-6.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -13964,8 +13964,8 @@
         </part>
         <part id="au-6.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(08)"/>
-          <link rel="depends-on" href="#au-6.8_smt"/>
           <p>a full text analysis of logged privileged commands in a physically distinct component or subsystem of the system or other system that is dedicated to that analysis is performed.</p>
+          <link rel="depends-on" href="#au-6.8_smt"/>
         </part>
         <part id="au-6.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14015,8 +14015,8 @@
         </part>
         <part id="au-6.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-06(09)"/>
-          <link rel="depends-on" href="#au-6.9_smt"/>
           <p>information from non-technical sources is correlated with audit record information to enhance organization-wide situational awareness.</p>
+          <link rel="depends-on" href="#au-6.9_smt"/>
         </part>
         <part id="au-6.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14094,35 +14094,35 @@
       </part>
       <part id="au-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-07"/>
-        <link rel="depends-on" href="#au-7_smt"/>
         <part id="au-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-07a."/>
-          <link rel="depends-on" href="#au-7_smt.a"/>
           <part id="au-7_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-07a.[01]"/>
-            <link rel="depends-on" href="#au-7_smt.a"/>
             <p>an audit record reduction and report generation capability is provided that supports on-demand audit record review, analysis, and reporting requirements and after-the-fact investigations of incidents;</p>
+            <link rel="depends-on" href="#au-7_smt.a"/>
           </part>
           <part id="au-7_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-07a.[02]"/>
-            <link rel="depends-on" href="#au-7_smt.a"/>
             <p>an audit record reduction and report generation capability is implemented that supports on-demand audit record review, analysis, and reporting requirements and after-the-fact investigations of incidents;</p>
+            <link rel="depends-on" href="#au-7_smt.a"/>
           </part>
+          <link rel="depends-on" href="#au-7_smt.a"/>
         </part>
         <part id="au-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-07b."/>
-          <link rel="depends-on" href="#au-7_smt.b"/>
           <part id="au-7_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-07b.[01]"/>
-            <link rel="depends-on" href="#au-7_smt.b"/>
             <p>an audit record reduction and report generation capability is provided that does not alter the original content or time ordering of audit records;</p>
+            <link rel="depends-on" href="#au-7_smt.b"/>
           </part>
           <part id="au-7_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-07b.[02]"/>
-            <link rel="depends-on" href="#au-7_smt.b"/>
             <p>an audit record reduction and report generation capability is implemented that does not alter the original content or time ordering of audit records.</p>
+            <link rel="depends-on" href="#au-7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#au-7_smt.b"/>
         </part>
+        <link rel="depends-on" href="#au-7_smt"/>
       </part>
       <part id="au-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14178,17 +14178,17 @@
         </part>
         <part id="au-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-07(01)"/>
-          <link rel="depends-on" href="#au-7.1_smt"/>
           <part id="au-7.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-07(01)[01]"/>
-            <link rel="depends-on" href="#au-7.1_smt"/>
             <p>the capability to process, sort, and search audit records for events of interest based on <insert type="param" id-ref="au-07.01_odp"/> are provided;</p>
+            <link rel="depends-on" href="#au-7.1_smt"/>
           </part>
           <part id="au-7.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-07(01)[02]"/>
-            <link rel="depends-on" href="#au-7.1_smt"/>
             <p>the capability to process, sort, and search audit records for events of interest based on <insert type="param" id-ref="au-07.01_odp"/> are implemented.</p>
+            <link rel="depends-on" href="#au-7.1_smt"/>
           </part>
+          <link rel="depends-on" href="#au-7.1_smt"/>
         </part>
         <part id="au-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14265,17 +14265,17 @@
       </part>
       <part id="au-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-08"/>
-        <link rel="depends-on" href="#au-8_smt"/>
         <part id="au-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-08a."/>
-          <link rel="depends-on" href="#au-8_smt.a"/>
           <p>internal system clocks are used to generate timestamps for audit records;</p>
+          <link rel="depends-on" href="#au-8_smt.a"/>
         </part>
         <part id="au-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-08b."/>
-          <link rel="depends-on" href="#au-8_smt.b"/>
           <p>timestamps are recorded for audit records that meet <insert type="param" id-ref="au-08_odp"/> and that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or include the local time offset as part of the timestamp.</p>
+          <link rel="depends-on" href="#au-8_smt.b"/>
         </part>
+        <link rel="depends-on" href="#au-8_smt"/>
       </part>
       <part id="au-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14370,17 +14370,17 @@
       </part>
       <part id="au-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-09"/>
-        <link rel="depends-on" href="#au-9_smt"/>
         <part id="au-9_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09a."/>
-          <link rel="depends-on" href="#au-9_smt.a"/>
           <p>audit information and audit logging tools are protected from unauthorized access, modification, and deletion;</p>
+          <link rel="depends-on" href="#au-9_smt.a"/>
         </part>
         <part id="au-9_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09b."/>
-          <link rel="depends-on" href="#au-9_smt.b"/>
           <p><insert type="param" id-ref="au-09_odp"/> are alerted upon detection of unauthorized access, modification, or deletion of audit information.</p>
+          <link rel="depends-on" href="#au-9_smt.b"/>
         </part>
+        <link rel="depends-on" href="#au-9_smt"/>
       </part>
       <part id="au-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14432,8 +14432,8 @@
         </part>
         <part id="au-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09(01)"/>
-          <link rel="depends-on" href="#au-9.1_smt"/>
           <p>audit trails are written to hardware-enforced, write-once media.</p>
+          <link rel="depends-on" href="#au-9.1_smt"/>
         </part>
         <part id="au-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14495,8 +14495,8 @@
         </part>
         <part id="au-9.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09(02)"/>
-          <link rel="depends-on" href="#au-9.2_smt"/>
           <p>audit records are stored <insert type="param" id-ref="au-09.02_odp"/> in a repository that is part of a physically different system or system component than the system or component being audited.</p>
+          <link rel="depends-on" href="#au-9.2_smt"/>
         </part>
         <part id="au-9.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14549,8 +14549,8 @@
         </part>
         <part id="au-9.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09(03)"/>
-          <link rel="depends-on" href="#au-9.3_smt"/>
           <p>cryptographic mechanisms to protect the integrity of audit information and audit tools are implemented.</p>
+          <link rel="depends-on" href="#au-9.3_smt"/>
         </part>
         <part id="au-9.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14610,8 +14610,8 @@
         </part>
         <part id="au-9.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09(04)"/>
-          <link rel="depends-on" href="#au-9.4_smt"/>
           <p>access to management of audit logging functionality is authorized only to <insert type="param" id-ref="au-09.04_odp"/>.</p>
+          <link rel="depends-on" href="#au-9.4_smt"/>
         </part>
         <part id="au-9.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14681,8 +14681,8 @@
         </part>
         <part id="au-9.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09(05)"/>
-          <link rel="depends-on" href="#au-9.5_smt"/>
           <p>dual authorization is enforced for the <insert type="param" id-ref="au-09.05_odp.01"/> of <insert type="param" id-ref="au-09.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#au-9.5_smt"/>
         </part>
         <part id="au-9.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14741,8 +14741,8 @@
         </part>
         <part id="au-9.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09(06)"/>
-          <link rel="depends-on" href="#au-9.6_smt"/>
           <p>read-only access to audit information is authorized to <insert type="param" id-ref="au-09.06_odp"/>.</p>
+          <link rel="depends-on" href="#au-9.6_smt"/>
         </part>
         <part id="au-9.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14798,8 +14798,8 @@
         </part>
         <part id="au-9.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-09(07)"/>
-          <link rel="depends-on" href="#au-9.7_smt"/>
           <p>audit information is stored on a component running a different operating system than the system or component being audited.</p>
+          <link rel="depends-on" href="#au-9.7_smt"/>
         </part>
         <part id="au-9.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14873,8 +14873,8 @@
       </part>
       <part id="au-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-10"/>
-        <link rel="depends-on" href="#au-10_smt"/>
         <p>irrefutable evidence is provided that an individual (or process acting on behalf of an individual) has performed <insert type="param" id-ref="au-10_odp"/>.</p>
+        <link rel="depends-on" href="#au-10_smt"/>
       </part>
       <part id="au-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -14939,17 +14939,17 @@
         </part>
         <part id="au-10.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-10(01)"/>
-          <link rel="depends-on" href="#au-10.1_smt"/>
           <part id="au-10.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-10(01)(a)"/>
-            <link rel="depends-on" href="#au-10.1_smt.a"/>
             <p>the identity of the information producer is bound with the information to <insert type="param" id-ref="au-10.01_odp"/>;</p>
+            <link rel="depends-on" href="#au-10.1_smt.a"/>
           </part>
           <part id="au-10.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-10(01)(b)"/>
-            <link rel="depends-on" href="#au-10.1_smt.b"/>
             <p>the means for authorized individuals to determine the identity of the producer of the information is provided.</p>
+            <link rel="depends-on" href="#au-10.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#au-10.1_smt"/>
         </part>
         <part id="au-10.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15024,17 +15024,17 @@
         </part>
         <part id="au-10.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-10(02)"/>
-          <link rel="depends-on" href="#au-10.2_smt"/>
           <part id="au-10.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-10(02)(a)"/>
-            <link rel="depends-on" href="#au-10.2_smt.a"/>
             <p>the binding of the information producer identity to the information is validated at <insert type="param" id-ref="au-10.02_odp.01"/>;</p>
+            <link rel="depends-on" href="#au-10.2_smt.a"/>
           </part>
           <part id="au-10.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-10(02)(b)"/>
-            <link rel="depends-on" href="#au-10.2_smt.b"/>
             <p><insert type="param" id-ref="au-10.02_odp.02"/> in the event of a validation error are performed.</p>
+            <link rel="depends-on" href="#au-10.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#au-10.2_smt"/>
         </part>
         <part id="au-10.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15087,8 +15087,8 @@
         </part>
         <part id="au-10.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-10(03)"/>
-          <link rel="depends-on" href="#au-10.3_smt"/>
           <p>reviewer or releaser credentials are maintained within the established chain of custody for information reviewed or released.</p>
+          <link rel="depends-on" href="#au-10.3_smt"/>
         </part>
         <part id="au-10.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15163,17 +15163,17 @@
         </part>
         <part id="au-10.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-10(04)"/>
-          <link rel="depends-on" href="#au-10.4_smt"/>
           <part id="au-10.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-10(04)(a)"/>
-            <link rel="depends-on" href="#au-10.4_smt.a"/>
             <p>the binding of the information reviewer identity to the information at the transfer or release points prior to release or transfer between <insert type="param" id-ref="au-10.04_odp.01"/> is validated;</p>
+            <link rel="depends-on" href="#au-10.4_smt.a"/>
           </part>
           <part id="au-10.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-10(04)(b)"/>
-            <link rel="depends-on" href="#au-10.4_smt.b"/>
             <p><insert type="param" id-ref="au-10.04_odp.02"/> are performed in the event of a validation error.</p>
+            <link rel="depends-on" href="#au-10.4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#au-10.4_smt"/>
         </part>
         <part id="au-10.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15249,8 +15249,8 @@
       </part>
       <part id="au-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-11"/>
-        <link rel="depends-on" href="#au-11_smt"/>
         <p>audit records are retained for <insert type="param" id-ref="au-11_odp"/> to provide support for after-the-fact investigations of incidents and to meet regulatory and organizational information retention requirements.</p>
+        <link rel="depends-on" href="#au-11_smt"/>
       </part>
       <part id="au-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15301,8 +15301,8 @@
         </part>
         <part id="au-11.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-11(01)"/>
-          <link rel="depends-on" href="#au-11.1_smt"/>
           <p><insert type="param" id-ref="au-11.01_odp"/> are employed to ensure that long-term audit records generated by the system can be retrieved.</p>
+          <link rel="depends-on" href="#au-11.1_smt"/>
         </part>
         <part id="au-11.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15398,22 +15398,22 @@
       </part>
       <part id="au-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-12"/>
-        <link rel="depends-on" href="#au-12_smt"/>
         <part id="au-12_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-12a."/>
-          <link rel="depends-on" href="#au-12_smt.a"/>
           <p>audit record generation capability for the event types the system is capable of auditing (defined in AU-02_ODP[01]) is provided by <insert type="param" id-ref="au-12_odp.01"/>;</p>
+          <link rel="depends-on" href="#au-12_smt.a"/>
         </part>
         <part id="au-12_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-12b."/>
-          <link rel="depends-on" href="#au-12_smt.b"/>
           <p><insert type="param" id-ref="au-12_odp.02"/> is/are allowed to select the event types that are to be logged by specific components of the system;</p>
+          <link rel="depends-on" href="#au-12_smt.b"/>
         </part>
         <part id="au-12_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-12c."/>
-          <link rel="depends-on" href="#au-12_smt.c"/>
           <p>audit records for the event types defined in AU-02_ODP[02] that include the audit record content defined in AU-03 are generated.</p>
+          <link rel="depends-on" href="#au-12_smt.c"/>
         </part>
+        <link rel="depends-on" href="#au-12_smt"/>
       </part>
       <part id="au-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15481,8 +15481,8 @@
         </part>
         <part id="au-12.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-12(01)"/>
-          <link rel="depends-on" href="#au-12.1_smt"/>
           <p>audit records from <insert type="param" id-ref="au-12.01_odp.01"/> are compiled into a system-wide (logical or physical) audit trail that is time-correlated to within <insert type="param" id-ref="au-12.01_odp.02"/>.</p>
+          <link rel="depends-on" href="#au-12.1_smt"/>
         </part>
         <part id="au-12.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15532,8 +15532,8 @@
         </part>
         <part id="au-12.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-12(02)"/>
-          <link rel="depends-on" href="#au-12.2_smt"/>
           <p>a system-wide (logical or physical) audit trail composed of audit records is produced in a standardized format.</p>
+          <link rel="depends-on" href="#au-12.2_smt"/>
         </part>
         <part id="au-12.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15616,17 +15616,17 @@
         </part>
         <part id="au-12.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-12(03)"/>
-          <link rel="depends-on" href="#au-12.3_smt"/>
           <part id="au-12.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-12(03)[01]"/>
-            <link rel="depends-on" href="#au-12.3_smt"/>
             <p>the capability for <insert type="param" id-ref="au-12.03_odp.01"/> to change the logging to be performed on <insert type="param" id-ref="au-12.03_odp.02"/> based on <insert type="param" id-ref="au-12.03_odp.03"/> within <insert type="param" id-ref="au-12.03_odp.04"/> is provided;</p>
+            <link rel="depends-on" href="#au-12.3_smt"/>
           </part>
           <part id="au-12.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-12(03)[02]"/>
-            <link rel="depends-on" href="#au-12.3_smt"/>
             <p>the capability for <insert type="param" id-ref="au-12.03_odp.01"/> to change the logging to be performed on <insert type="param" id-ref="au-12.03_odp.02"/> based on <insert type="param" id-ref="au-12.03_odp.03"/> within <insert type="param" id-ref="au-12.03_odp.04"/> is implemented.</p>
+            <link rel="depends-on" href="#au-12.3_smt"/>
           </part>
+          <link rel="depends-on" href="#au-12.3_smt"/>
         </part>
         <part id="au-12.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15676,17 +15676,17 @@
         </part>
         <part id="au-12.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-12(04)"/>
-          <link rel="depends-on" href="#au-12.4_smt"/>
           <part id="au-12.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-12(04)[01]"/>
-            <link rel="depends-on" href="#au-12.4_smt"/>
             <p>the capability to audit the parameters of user query events for data sets containing personally identifiable information is provided;</p>
+            <link rel="depends-on" href="#au-12.4_smt"/>
           </part>
           <part id="au-12.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-12(04)[02]"/>
-            <link rel="depends-on" href="#au-12.4_smt"/>
             <p>the capability to audit the parameters of user query events for data sets containing personally identifiable information is implemented.</p>
+            <link rel="depends-on" href="#au-12.4_smt"/>
           </part>
+          <link rel="depends-on" href="#au-12.4_smt"/>
         </part>
         <part id="au-12.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15791,26 +15791,26 @@
       </part>
       <part id="au-13_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-13"/>
-        <link rel="depends-on" href="#au-13_smt"/>
         <part id="au-13_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-13a."/>
-          <link rel="depends-on" href="#au-13_smt.a"/>
           <p><insert type="param" id-ref="au-13_odp.01"/> is/are monitored <insert type="param" id-ref="au-13_odp.02"/> for evidence of unauthorized disclosure of organizational information;</p>
+          <link rel="depends-on" href="#au-13_smt.a"/>
         </part>
         <part id="au-13_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-13b."/>
-          <link rel="depends-on" href="#au-13_smt.b"/>
           <part id="au-13_obj.b.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-13b.01"/>
-            <link rel="depends-on" href="#au-13_smt.b.1"/>
             <p><insert type="param" id-ref="au-13_odp.03"/> are notified if an information disclosure is discovered;</p>
+            <link rel="depends-on" href="#au-13_smt.b.1"/>
           </part>
           <part id="au-13_obj.b.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-13b.02"/>
-            <link rel="depends-on" href="#au-13_smt.b.2"/>
             <p><insert type="param" id-ref="au-13_odp.04"/> are taken if an information disclosure is discovered.</p>
+            <link rel="depends-on" href="#au-13_smt.b.2"/>
           </part>
+          <link rel="depends-on" href="#au-13_smt.b"/>
         </part>
+        <link rel="depends-on" href="#au-13_smt"/>
       </part>
       <part id="au-13_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15867,8 +15867,8 @@
         </part>
         <part id="au-13.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-13(01)"/>
-          <link rel="depends-on" href="#au-13.1_smt"/>
           <p>open-source information and information sites are monitored using <insert type="param" id-ref="au-13.01_odp"/>.</p>
+          <link rel="depends-on" href="#au-13.1_smt"/>
         </part>
         <part id="au-13.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15925,8 +15925,8 @@
         </part>
         <part id="au-13.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-13(02)"/>
-          <link rel="depends-on" href="#au-13.2_smt"/>
           <p>the list of open-source information sites being monitored is reviewed <insert type="param" id-ref="au-13.02_odp"/>.</p>
+          <link rel="depends-on" href="#au-13.2_smt"/>
         </part>
         <part id="au-13.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -15976,8 +15976,8 @@
         </part>
         <part id="au-13.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-13(03)"/>
-          <link rel="depends-on" href="#au-13.3_smt"/>
           <p>discovery techniques, processes, and tools are employed to determine if external entities are replicating organizational information in an unauthorized manner.</p>
+          <link rel="depends-on" href="#au-13.3_smt"/>
         </part>
         <part id="au-13.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16070,40 +16070,40 @@
       </part>
       <part id="au-14_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-14"/>
-        <link rel="depends-on" href="#au-14_smt"/>
         <part id="au-14_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-14a."/>
-          <link rel="depends-on" href="#au-14_smt.a"/>
           <part id="au-14_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-14a.[01]"/>
-            <link rel="depends-on" href="#au-14_smt.a"/>
             <p><insert type="param" id-ref="au-14_odp.01"/> are provided with the capability to <insert type="param" id-ref="au-14_odp.02"/> the content of a user session under <insert type="param" id-ref="au-14_odp.03"/>;</p>
+            <link rel="depends-on" href="#au-14_smt.a"/>
           </part>
           <part id="au-14_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-14a.[02]"/>
-            <link rel="depends-on" href="#au-14_smt.a"/>
             <p>the capability for <insert type="param" id-ref="au-14_odp.01"/> to <insert type="param" id-ref="au-14_odp.02"/> the content of a user session under <insert type="param" id-ref="au-14_odp.03"/> is implemented;</p>
+            <link rel="depends-on" href="#au-14_smt.a"/>
           </part>
+          <link rel="depends-on" href="#au-14_smt.a"/>
         </part>
         <part id="au-14_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-14b."/>
-          <link rel="depends-on" href="#au-14_smt.b"/>
           <part id="au-14_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-14b.[01]"/>
-            <link rel="depends-on" href="#au-14_smt.b"/>
             <p>session auditing activities are developed in consultation with legal counsel and in accordance with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines;</p>
+            <link rel="depends-on" href="#au-14_smt.b"/>
           </part>
           <part id="au-14_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-14b.[02]"/>
-            <link rel="depends-on" href="#au-14_smt.b"/>
             <p>session auditing activities are integrated in consultation with legal counsel and in accordance with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines;</p>
+            <link rel="depends-on" href="#au-14_smt.b"/>
           </part>
           <part id="au-14_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-14b.[03]"/>
-            <link rel="depends-on" href="#au-14_smt.b"/>
             <p>session auditing activities are used in consultation with legal counsel and in accordance with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines;</p>
+            <link rel="depends-on" href="#au-14_smt.b"/>
           </part>
+          <link rel="depends-on" href="#au-14_smt.b"/>
         </part>
+        <link rel="depends-on" href="#au-14_smt"/>
       </part>
       <part id="au-14_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16153,8 +16153,8 @@
         </part>
         <part id="au-14.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-14(01)"/>
-          <link rel="depends-on" href="#au-14.1_smt"/>
           <p>session audits are initiated automatically at system start-up.</p>
+          <link rel="depends-on" href="#au-14.1_smt"/>
         </part>
         <part id="au-14.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16212,17 +16212,17 @@
         </part>
         <part id="au-14.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-14(03)"/>
-          <link rel="depends-on" href="#au-14.3_smt"/>
           <part id="au-14.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-14(03)[01]"/>
-            <link rel="depends-on" href="#au-14.3_smt"/>
             <p>the capability for authorized users to remotely view and hear content related to an established user session in real time is provided;</p>
+            <link rel="depends-on" href="#au-14.3_smt"/>
           </part>
           <part id="au-14.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="AU-14(03)[02]"/>
-            <link rel="depends-on" href="#au-14.3_smt"/>
             <p>the capability for authorized users to remotely view and hear content related to an established user session in real time is implemented.</p>
+            <link rel="depends-on" href="#au-14.3_smt"/>
           </part>
+          <link rel="depends-on" href="#au-14.3_smt"/>
         </part>
         <part id="au-14.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16301,8 +16301,8 @@
       </part>
       <part id="au-16_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="AU-16"/>
-        <link rel="depends-on" href="#au-16_smt"/>
         <p><insert type="param" id-ref="au-16_odp.01"/> for coordinating <insert type="param" id-ref="au-16_odp.02"/> among external organizations when audit information is transmitted across organizational boundaries are employed.</p>
+        <link rel="depends-on" href="#au-16_smt"/>
       </part>
       <part id="au-16_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16352,8 +16352,8 @@
         </part>
         <part id="au-16.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-16(01)"/>
-          <link rel="depends-on" href="#au-16.1_smt"/>
           <p>the identity of individuals in cross-organizational audit trails is preserved.</p>
+          <link rel="depends-on" href="#au-16.1_smt"/>
         </part>
         <part id="au-16.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16418,8 +16418,8 @@
         </part>
         <part id="au-16.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-16(02)"/>
-          <link rel="depends-on" href="#au-16.2_smt"/>
           <p>cross-organizational audit information is provided to <insert type="param" id-ref="au-16.02_odp.01"/> based on <insert type="param" id-ref="au-16.02_odp.02"/>.</p>
+          <link rel="depends-on" href="#au-16.2_smt"/>
         </part>
         <part id="au-16.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16465,8 +16465,8 @@
         </part>
         <part id="au-16.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="AU-16(03)"/>
-          <link rel="depends-on" href="#au-16.3_smt"/>
           <p><insert type="param" id-ref="au-16.03_odp"/> are implemented to disassociate individuals from audit information transmitted across organizational boundaries.</p>
+          <link rel="depends-on" href="#au-16.3_smt"/>
         </part>
         <part id="au-16.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16634,116 +16634,116 @@
       </part>
       <part id="ca-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-01"/>
-        <link rel="depends-on" href="#ca-1_smt"/>
         <part id="ca-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-01a."/>
-          <link rel="depends-on" href="#ca-1_smt.a"/>
           <part id="ca-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-01a.[01]"/>
-            <link rel="depends-on" href="#ca-1_smt.a"/>
             <p>an assessment, authorization, and monitoring policy is developed and documented;</p>
+            <link rel="depends-on" href="#ca-1_smt.a"/>
           </part>
           <part id="ca-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-01a.[02]"/>
-            <link rel="depends-on" href="#ca-1_smt.a"/>
             <p>the assessment, authorization, and monitoring policy is disseminated to <insert type="param" id-ref="ca-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ca-1_smt.a"/>
           </part>
           <part id="ca-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-01a.[03]"/>
-            <link rel="depends-on" href="#ca-1_smt.a"/>
             <p>assessment, authorization, and monitoring procedures to facilitate the implementation of the assessment, authorization, and monitoring policy and associated assessment, authorization, and monitoring controls are developed and documented;</p>
+            <link rel="depends-on" href="#ca-1_smt.a"/>
           </part>
           <part id="ca-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-01a.[04]"/>
-            <link rel="depends-on" href="#ca-1_smt.a"/>
             <p>the assessment, authorization, and monitoring procedures are disseminated to <insert type="param" id-ref="ca-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ca-1_smt.a"/>
           </part>
           <part id="ca-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-01a.01"/>
-            <link rel="depends-on" href="#ca-1_smt.a.1"/>
             <part id="ca-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-01a.01(a)"/>
-              <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               <part id="ca-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CA-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy addresses purpose;</p>
+                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               </part>
               <part id="ca-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CA-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy addresses scope;</p>
+                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               </part>
               <part id="ca-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CA-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy addresses roles;</p>
+                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               </part>
               <part id="ca-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CA-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               </part>
               <part id="ca-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CA-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy addresses management commitment;</p>
+                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               </part>
               <part id="ca-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CA-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               </part>
               <part id="ca-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CA-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy addresses compliance;</p>
+                <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#ca-1_smt.a.1.a"/>
             </part>
             <part id="ca-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-01a.01(b)"/>
-              <link rel="depends-on" href="#ca-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="ca-01_odp.03"/> assessment, authorization, and monitoring policy is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#ca-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#ca-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#ca-1_smt.a"/>
         </part>
         <part id="ca-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-01b."/>
-          <link rel="depends-on" href="#ca-1_smt.b"/>
           <p>the <insert type="param" id-ref="ca-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the assessment, authorization, and monitoring policy and procedures;</p>
+          <link rel="depends-on" href="#ca-1_smt.b"/>
         </part>
         <part id="ca-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-01c."/>
-          <link rel="depends-on" href="#ca-1_smt.c"/>
           <part id="ca-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-01c.01"/>
-            <link rel="depends-on" href="#ca-1_smt.c.1"/>
             <part id="ca-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-01c.01[01]"/>
-              <link rel="depends-on" href="#ca-1_smt.c.1"/>
               <p>the current assessment, authorization, and monitoring policy is reviewed and updated <insert type="param" id-ref="ca-01_odp.05"/>; </p>
+              <link rel="depends-on" href="#ca-1_smt.c.1"/>
             </part>
             <part id="ca-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-01c.01[02]"/>
-              <link rel="depends-on" href="#ca-1_smt.c.1"/>
               <p>the current assessment, authorization, and monitoring policy is reviewed and updated following <insert type="param" id-ref="ca-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#ca-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#ca-1_smt.c.1"/>
           </part>
           <part id="ca-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-01c.02"/>
-            <link rel="depends-on" href="#ca-1_smt.c.2"/>
             <part id="ca-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-01c.02[01]"/>
-              <link rel="depends-on" href="#ca-1_smt.c.2"/>
               <p>the current assessment, authorization, and monitoring procedures are reviewed and updated <insert type="param" id-ref="ca-01_odp.07"/>; </p>
+              <link rel="depends-on" href="#ca-1_smt.c.2"/>
             </part>
             <part id="ca-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-01c.02[02]"/>
-              <link rel="depends-on" href="#ca-1_smt.c.2"/>
               <p>the current assessment, authorization, and monitoring procedures are reviewed and updated following <insert type="param" id-ref="ca-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#ca-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#ca-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ca-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ca-1_smt"/>
       </part>
       <part id="ca-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16858,74 +16858,74 @@
       </part>
       <part id="ca-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-02"/>
-        <link rel="depends-on" href="#ca-2_smt"/>
         <part id="ca-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02a."/>
-          <link rel="depends-on" href="#ca-2_smt.a"/>
           <p>an appropriate assessor or assessment team is selected for the type of assessment to be conducted;</p>
+          <link rel="depends-on" href="#ca-2_smt.a"/>
         </part>
         <part id="ca-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02b."/>
-          <link rel="depends-on" href="#ca-2_smt.b"/>
           <part id="ca-2_obj.b.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-02b.01"/>
-            <link rel="depends-on" href="#ca-2_smt.b.1"/>
             <p>a control assessment plan is developed that describes the scope of the assessment, including controls and control enhancements under assessment;</p>
+            <link rel="depends-on" href="#ca-2_smt.b.1"/>
           </part>
           <part id="ca-2_obj.b.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-02b.02"/>
-            <link rel="depends-on" href="#ca-2_smt.b.2"/>
             <p>a control assessment plan is developed that describes the scope of the assessment, including assessment procedures to be used to determine control effectiveness;</p>
+            <link rel="depends-on" href="#ca-2_smt.b.2"/>
           </part>
           <part id="ca-2_obj.b.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-02b.03"/>
-            <link rel="depends-on" href="#ca-2_smt.b.3"/>
             <part id="ca-2_obj.b.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-02b.03[01]"/>
-              <link rel="depends-on" href="#ca-2_smt.b.3"/>
               <p>a control assessment plan is developed that describes the scope of the assessment, including the assessment environment;</p>
+              <link rel="depends-on" href="#ca-2_smt.b.3"/>
             </part>
             <part id="ca-2_obj.b.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-02b.03[02]"/>
-              <link rel="depends-on" href="#ca-2_smt.b.3"/>
               <p>a control assessment plan is developed that describes the scope of the assessment, including the assessment team;</p>
+              <link rel="depends-on" href="#ca-2_smt.b.3"/>
             </part>
             <part id="ca-2_obj.b.3-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CA-02b.03[03]"/>
-              <link rel="depends-on" href="#ca-2_smt.b.3"/>
               <p>a control assessment plan is developed that describes the scope of the assessment, including assessment roles and responsibilities;</p>
+              <link rel="depends-on" href="#ca-2_smt.b.3"/>
             </part>
+            <link rel="depends-on" href="#ca-2_smt.b.3"/>
           </part>
+          <link rel="depends-on" href="#ca-2_smt.b"/>
         </part>
         <part id="ca-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02c."/>
-          <link rel="depends-on" href="#ca-2_smt.c"/>
           <p>the control assessment plan is reviewed and approved by the authorizing official or designated representative prior to conducting the assessment;</p>
+          <link rel="depends-on" href="#ca-2_smt.c"/>
         </part>
         <part id="ca-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02d."/>
-          <link rel="depends-on" href="#ca-2_smt.d"/>
           <part id="ca-2_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-02d.[01]"/>
-            <link rel="depends-on" href="#ca-2_smt.d"/>
             <p>controls are assessed in the system and its environment of operation <insert type="param" id-ref="ca-02_odp.01"/> to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting established security requirements;</p>
+            <link rel="depends-on" href="#ca-2_smt.d"/>
           </part>
           <part id="ca-2_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-02d.[02]"/>
-            <link rel="depends-on" href="#ca-2_smt.d"/>
             <p>controls are assessed in the system and its environment of operation <insert type="param" id-ref="ca-02_odp.01"/> to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting established privacy requirements;</p>
+            <link rel="depends-on" href="#ca-2_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ca-2_smt.d"/>
         </part>
         <part id="ca-2_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02e."/>
-          <link rel="depends-on" href="#ca-2_smt.e"/>
           <p>a control assessment report is produced that documents the results of the assessment;</p>
+          <link rel="depends-on" href="#ca-2_smt.e"/>
         </part>
         <part id="ca-2_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02f."/>
-          <link rel="depends-on" href="#ca-2_smt.f"/>
           <p>the results of the control assessment are provided to <insert type="param" id-ref="ca-02_odp.02"/>.</p>
+          <link rel="depends-on" href="#ca-2_smt.f"/>
         </part>
+        <link rel="depends-on" href="#ca-2_smt"/>
       </part>
       <part id="ca-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -16974,8 +16974,8 @@
         </part>
         <part id="ca-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02(01)"/>
-          <link rel="depends-on" href="#ca-2.1_smt"/>
           <p>independent assessors or assessment teams are employed to conduct control assessments.</p>
+          <link rel="depends-on" href="#ca-2.1_smt"/>
         </part>
         <part id="ca-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17059,8 +17059,8 @@
         </part>
         <part id="ca-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02(02)"/>
-          <link rel="depends-on" href="#ca-2.2_smt"/>
           <p><insert type="param" id-ref="ca-02.02_odp.01"/> <insert type="param" id-ref="ca-02.02_odp.02"/> <insert type="param" id-ref="ca-02.02_odp.03"/> are included as part of control assessments.</p>
+          <link rel="depends-on" href="#ca-2.2_smt"/>
         </part>
         <part id="ca-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17134,8 +17134,8 @@
         </part>
         <part id="ca-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-02(03)"/>
-          <link rel="depends-on" href="#ca-2.3_smt"/>
           <p>the results of control assessments performed by <insert type="param" id-ref="ca-02.03_odp.01"/> on <insert type="param" id-ref="ca-02.03_odp.02"/> are leveraged when the assessment meets <insert type="param" id-ref="ca-02.03_odp.03"/>.</p>
+          <link rel="depends-on" href="#ca-2.3_smt"/>
         </part>
         <part id="ca-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17235,51 +17235,51 @@
       </part>
       <part id="ca-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-03"/>
-        <link rel="depends-on" href="#ca-3_smt"/>
         <part id="ca-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-03a."/>
-          <link rel="depends-on" href="#ca-3_smt.a"/>
           <p>the exchange of information between the system and other systems is approved and managed using <insert type="param" id-ref="ca-03_odp.01"/>;</p>
+          <link rel="depends-on" href="#ca-3_smt.a"/>
         </part>
         <part id="ca-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-03b."/>
-          <link rel="depends-on" href="#ca-3_smt.b"/>
           <part id="ca-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03b.[01]"/>
-            <link rel="depends-on" href="#ca-3_smt.b"/>
             <p>the interface characteristics are documented as part of each exchange agreement;</p>
+            <link rel="depends-on" href="#ca-3_smt.b"/>
           </part>
           <part id="ca-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03b.[02]"/>
-            <link rel="depends-on" href="#ca-3_smt.b"/>
             <p>security requirements are documented as part of each exchange agreement;</p>
+            <link rel="depends-on" href="#ca-3_smt.b"/>
           </part>
           <part id="ca-3_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03b.[03]"/>
-            <link rel="depends-on" href="#ca-3_smt.b"/>
             <p>privacy requirements are documented as part of each exchange agreement;</p>
+            <link rel="depends-on" href="#ca-3_smt.b"/>
           </part>
           <part id="ca-3_obj.b-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03b.[04]"/>
-            <link rel="depends-on" href="#ca-3_smt.b"/>
             <p>controls are documented as part of each exchange agreement;</p>
+            <link rel="depends-on" href="#ca-3_smt.b"/>
           </part>
           <part id="ca-3_obj.b-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03b.[05]"/>
-            <link rel="depends-on" href="#ca-3_smt.b"/>
             <p>responsibilities for each system are documented as part of each exchange agreement;</p>
+            <link rel="depends-on" href="#ca-3_smt.b"/>
           </part>
           <part id="ca-3_obj.b-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03b.[06]"/>
-            <link rel="depends-on" href="#ca-3_smt.b"/>
             <p>the impact level of the information communicated is documented as part of each exchange agreement;</p>
+            <link rel="depends-on" href="#ca-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ca-3_smt.b"/>
         </part>
         <part id="ca-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-03c."/>
-          <link rel="depends-on" href="#ca-3_smt.c"/>
           <p>agreements are reviewed and updated <insert type="param" id-ref="ca-03_odp.03"/>.</p>
+          <link rel="depends-on" href="#ca-3_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ca-3_smt"/>
       </part>
       <part id="ca-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17371,8 +17371,8 @@
         </part>
         <part id="ca-3.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-03(06)"/>
-          <link rel="depends-on" href="#ca-3.6_smt"/>
           <p>individuals or systems transferring data between interconnecting systems have the requisite authorizations (i.e., write permissions or privileges) prior to accepting such data.</p>
+          <link rel="depends-on" href="#ca-3.6_smt"/>
         </part>
         <part id="ca-3.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17437,17 +17437,17 @@
         </part>
         <part id="ca-3.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-03(07)"/>
-          <link rel="depends-on" href="#ca-3.7_smt"/>
           <part id="ca-3.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03(07)(a)"/>
-            <link rel="depends-on" href="#ca-3.7_smt.a"/>
             <p>transitive (downstream) information exchanges with other systems through the systems identified in CA-03a are identified;</p>
+            <link rel="depends-on" href="#ca-3.7_smt.a"/>
           </part>
           <part id="ca-3.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-03(07)(b)"/>
-            <link rel="depends-on" href="#ca-3.7_smt.b"/>
             <p>measures are taken to ensure that transitive (downstream) information exchanges cease when the controls on identified transitive (downstream) systems cannot be verified or validated.</p>
+            <link rel="depends-on" href="#ca-3.7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ca-3.7_smt"/>
         </part>
         <part id="ca-3.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17535,17 +17535,17 @@
       </part>
       <part id="ca-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-05"/>
-        <link rel="depends-on" href="#ca-5_smt"/>
         <part id="ca-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-05a."/>
-          <link rel="depends-on" href="#ca-5_smt.a"/>
           <p>a plan of action and milestones for the system is developed to document the planned remediation actions of the organization to correct weaknesses or deficiencies noted during the assessment of the controls and to reduce or eliminate known vulnerabilities in the system;</p>
+          <link rel="depends-on" href="#ca-5_smt.a"/>
         </part>
         <part id="ca-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-05b."/>
-          <link rel="depends-on" href="#ca-5_smt.b"/>
           <p>existing plan of action and milestones are updated <insert type="param" id-ref="ca-05_odp"/> based on the findings from control assessments, independent audits or reviews, and continuous monitoring activities.</p>
+          <link rel="depends-on" href="#ca-5_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ca-5_smt"/>
       </part>
       <part id="ca-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17601,8 +17601,8 @@
         </part>
         <part id="ca-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-05(01)"/>
-          <link rel="depends-on" href="#ca-5.1_smt"/>
           <p><insert type="param" id-ref="ca-05.01_odp"/> are used to ensure the accuracy, currency, and availability of the plan of action and milestones for the system.</p>
+          <link rel="depends-on" href="#ca-5.1_smt"/>
         </part>
         <part id="ca-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17698,41 +17698,41 @@
       </part>
       <part id="ca-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-06"/>
-        <link rel="depends-on" href="#ca-6_smt"/>
         <part id="ca-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-06a."/>
-          <link rel="depends-on" href="#ca-6_smt.a"/>
           <p>a senior official is assigned as the authorizing official for the system;</p>
+          <link rel="depends-on" href="#ca-6_smt.a"/>
         </part>
         <part id="ca-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-06b."/>
-          <link rel="depends-on" href="#ca-6_smt.b"/>
           <p>a senior official is assigned as the authorizing official for common controls available for inheritance by organizational systems;</p>
+          <link rel="depends-on" href="#ca-6_smt.b"/>
         </part>
         <part id="ca-6_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-06c."/>
-          <link rel="depends-on" href="#ca-6_smt.c"/>
           <part id="ca-6_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-06c.01"/>
-            <link rel="depends-on" href="#ca-6_smt.c.1"/>
             <p>before commencing operations, the authorizing official for the system accepts the use of common controls inherited by the system;</p>
+            <link rel="depends-on" href="#ca-6_smt.c.1"/>
           </part>
           <part id="ca-6_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-06c.02"/>
-            <link rel="depends-on" href="#ca-6_smt.c.2"/>
             <p>before commencing operations, the authorizing official for the system authorizes the system to operate;</p>
+            <link rel="depends-on" href="#ca-6_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ca-6_smt.c"/>
         </part>
         <part id="ca-6_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-06d."/>
-          <link rel="depends-on" href="#ca-6_smt.d"/>
           <p>the authorizing official for common controls authorizes the use of those controls for inheritance by organizational systems;</p>
+          <link rel="depends-on" href="#ca-6_smt.d"/>
         </part>
         <part id="ca-6_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-06e."/>
-          <link rel="depends-on" href="#ca-6_smt.e"/>
           <p>the authorizations are updated <insert type="param" id-ref="ca-06_odp"/>.</p>
+          <link rel="depends-on" href="#ca-6_smt.e"/>
         </part>
+        <link rel="depends-on" href="#ca-6_smt"/>
       </part>
       <part id="ca-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17777,17 +17777,17 @@
         </part>
         <part id="ca-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-06(01)"/>
-          <link rel="depends-on" href="#ca-6.1_smt"/>
           <part id="ca-6.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-06(01)[01]"/>
-            <link rel="depends-on" href="#ca-6.1_smt"/>
             <p>a joint authorization process is employed for the system;</p>
+            <link rel="depends-on" href="#ca-6.1_smt"/>
           </part>
           <part id="ca-6.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-06(01)[02]"/>
-            <link rel="depends-on" href="#ca-6.1_smt"/>
             <p>the joint authorization process employed for the system includes multiple authorizing officials from the same organization conducting the authorization.</p>
+            <link rel="depends-on" href="#ca-6.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ca-6.1_smt"/>
         </part>
         <part id="ca-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -17836,17 +17836,17 @@
         </part>
         <part id="ca-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-06(02)"/>
-          <link rel="depends-on" href="#ca-6.2_smt"/>
           <part id="ca-6.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-06(02)[01]"/>
-            <link rel="depends-on" href="#ca-6.2_smt"/>
             <p>a joint authorization process is employed for the system;</p>
+            <link rel="depends-on" href="#ca-6.2_smt"/>
           </part>
           <part id="ca-6.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-06(02)[02]"/>
-            <link rel="depends-on" href="#ca-6.2_smt"/>
             <p>the joint authorization process employed for the system includes multiple authorizing officials with at least one authorizing official from an organization external to the organization conducting the authorization.</p>
+            <link rel="depends-on" href="#ca-6.2_smt"/>
           </part>
+          <link rel="depends-on" href="#ca-6.2_smt"/>
         </part>
         <part id="ca-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18044,70 +18044,70 @@
       </part>
       <part id="ca-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-07"/>
-        <link rel="depends-on" href="#ca-7_smt"/>
         <part id="ca-7_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07[01]"/>
-          <link rel="depends-on" href="#ca-7_smt"/>
           <p>a system-level continuous monitoring strategy is developed;</p>
+          <link rel="depends-on" href="#ca-7_smt"/>
         </part>
         <part id="ca-7_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07[02]"/>
-          <link rel="depends-on" href="#ca-7_smt"/>
           <p>system-level continuous monitoring is implemented in accordance with the organization-level continuous monitoring strategy;</p>
+          <link rel="depends-on" href="#ca-7_smt"/>
         </part>
         <part id="ca-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07a."/>
-          <link rel="depends-on" href="#ca-7_smt.a"/>
           <p>system-level continuous monitoring includes establishment of the following system-level metrics to be monitored: <insert type="param" id-ref="ca-07_odp.01"/>;</p>
+          <link rel="depends-on" href="#ca-7_smt.a"/>
         </part>
         <part id="ca-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07b."/>
-          <link rel="depends-on" href="#ca-7_smt.b"/>
           <part id="ca-7_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07b.[01]"/>
-            <link rel="depends-on" href="#ca-7_smt.b"/>
             <p>system-level continuous monitoring includes established <insert type="param" id-ref="ca-07_odp.02"/> for monitoring;</p>
+            <link rel="depends-on" href="#ca-7_smt.b"/>
           </part>
           <part id="ca-7_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07b.[02]"/>
-            <link rel="depends-on" href="#ca-7_smt.b"/>
             <p>system-level continuous monitoring includes established <insert type="param" id-ref="ca-07_odp.03"/> for assessment of control effectiveness;</p>
+            <link rel="depends-on" href="#ca-7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ca-7_smt.b"/>
         </part>
         <part id="ca-7_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07c."/>
-          <link rel="depends-on" href="#ca-7_smt.c"/>
           <p>system-level continuous monitoring includes ongoing control assessments in accordance with the continuous monitoring strategy;</p>
+          <link rel="depends-on" href="#ca-7_smt.c"/>
         </part>
         <part id="ca-7_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07d."/>
-          <link rel="depends-on" href="#ca-7_smt.d"/>
           <p>system-level continuous monitoring includes ongoing monitoring of system and organization-defined metrics in accordance with the continuous monitoring strategy;</p>
+          <link rel="depends-on" href="#ca-7_smt.d"/>
         </part>
         <part id="ca-7_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07e."/>
-          <link rel="depends-on" href="#ca-7_smt.e"/>
           <p>system-level continuous monitoring includes correlation and analysis of information generated by control assessments and monitoring;</p>
+          <link rel="depends-on" href="#ca-7_smt.e"/>
         </part>
         <part id="ca-7_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07f."/>
-          <link rel="depends-on" href="#ca-7_smt.f"/>
           <p>system-level continuous monitoring includes response actions to address the results of the analysis of control assessment and monitoring information;</p>
+          <link rel="depends-on" href="#ca-7_smt.f"/>
         </part>
         <part id="ca-7_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07g."/>
-          <link rel="depends-on" href="#ca-7_smt.g"/>
           <part id="ca-7_obj.g-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07g.[01]"/>
-            <link rel="depends-on" href="#ca-7_smt.g"/>
             <p>system-level continuous monitoring includes reporting the security status of the system to <insert type="param" id-ref="ca-07_odp.04"/> <insert type="param" id-ref="ca-07_odp.05"/>;</p>
+            <link rel="depends-on" href="#ca-7_smt.g"/>
           </part>
           <part id="ca-7_obj.g-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07g.[02]"/>
-            <link rel="depends-on" href="#ca-7_smt.g"/>
             <p>system-level continuous monitoring includes reporting the privacy status of the system to <insert type="param" id-ref="ca-07_odp.06"/> <insert type="param" id-ref="ca-07_odp.07"/>.</p>
+            <link rel="depends-on" href="#ca-7_smt.g"/>
           </part>
+          <link rel="depends-on" href="#ca-7_smt.g"/>
         </part>
+        <link rel="depends-on" href="#ca-7_smt"/>
       </part>
       <part id="ca-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18163,8 +18163,8 @@
         </part>
         <part id="ca-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07(01)"/>
-          <link rel="depends-on" href="#ca-7.1_smt"/>
           <p>independent assessors or assessment teams are employed to monitor the controls in the system on an ongoing basis.</p>
+          <link rel="depends-on" href="#ca-7.1_smt"/>
         </part>
         <part id="ca-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18217,22 +18217,22 @@
         </part>
         <part id="ca-7.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07(03)"/>
-          <link rel="depends-on" href="#ca-7.3_smt"/>
           <part id="ca-7.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(03)[01]"/>
-            <link rel="depends-on" href="#ca-7.3_smt"/>
             <p>trend analysis is employed to determine if control implementations used in the continuous monitoring process need to be modified based on empirical data;</p>
+            <link rel="depends-on" href="#ca-7.3_smt"/>
           </part>
           <part id="ca-7.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(03)[02]"/>
-            <link rel="depends-on" href="#ca-7.3_smt"/>
             <p>trend analysis is employed to determine if the frequency of continuous monitoring activities used in the continuous monitoring process needs to be modified based on empirical data;</p>
+            <link rel="depends-on" href="#ca-7.3_smt"/>
           </part>
           <part id="ca-7.3_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(03)[03]"/>
-            <link rel="depends-on" href="#ca-7.3_smt"/>
             <p>trend analysis is employed to determine if the types of activities used in the continuous monitoring process need to be modified based on empirical data.</p>
+            <link rel="depends-on" href="#ca-7.3_smt"/>
           </part>
+          <link rel="depends-on" href="#ca-7.3_smt"/>
         </part>
         <part id="ca-7.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18298,23 +18298,23 @@
         </part>
         <part id="ca-7.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07(04)"/>
-          <link rel="depends-on" href="#ca-7.4_smt"/>
           <p>risk monitoring is an integral part of the continuous monitoring strategy;</p>
           <part id="ca-7.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(04)(a)"/>
-            <link rel="depends-on" href="#ca-7.4_smt.a"/>
             <p>effectiveness monitoring is included in risk monitoring;</p>
+            <link rel="depends-on" href="#ca-7.4_smt.a"/>
           </part>
           <part id="ca-7.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(04)(b)"/>
-            <link rel="depends-on" href="#ca-7.4_smt.b"/>
             <p>compliance monitoring is included in risk monitoring;</p>
+            <link rel="depends-on" href="#ca-7.4_smt.b"/>
           </part>
           <part id="ca-7.4_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(04)(c)"/>
-            <link rel="depends-on" href="#ca-7.4_smt.c"/>
             <p>change monitoring is included in risk monitoring.</p>
+            <link rel="depends-on" href="#ca-7.4_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ca-7.4_smt"/>
         </part>
         <part id="ca-7.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18385,17 +18385,17 @@
         </part>
         <part id="ca-7.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07(05)"/>
-          <link rel="depends-on" href="#ca-7.5_smt"/>
           <part id="ca-7.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(05)[01]"/>
-            <link rel="depends-on" href="#ca-7.5_smt"/>
             <p><insert type="param" id-ref="ca-07.05_odp.01"/> are employed to validate that policies are established;</p>
+            <link rel="depends-on" href="#ca-7.5_smt"/>
           </part>
           <part id="ca-7.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-07(05)[02]"/>
-            <link rel="depends-on" href="#ca-7.5_smt"/>
             <p><insert type="param" id-ref="ca-07.05_odp.02"/> are employed to validate that implemented controls are operating in a consistent manner.</p>
+            <link rel="depends-on" href="#ca-7.5_smt"/>
           </part>
+          <link rel="depends-on" href="#ca-7.5_smt"/>
         </part>
         <part id="ca-7.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18455,8 +18455,8 @@
         </part>
         <part id="ca-7.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-07(06)"/>
-          <link rel="depends-on" href="#ca-7.6_smt"/>
           <p><insert type="param" id-ref="ca-07.06_odp"/> are used to ensure the accuracy, currency, and availability of monitoring results for the system.</p>
+          <link rel="depends-on" href="#ca-7.6_smt"/>
         </part>
         <part id="ca-7.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18531,8 +18531,8 @@
       </part>
       <part id="ca-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-08"/>
-        <link rel="depends-on" href="#ca-8_smt"/>
         <p>penetration testing is conducted <insert type="param" id-ref="ca-08_odp.01"/> on <insert type="param" id-ref="ca-08_odp.02"/>.</p>
+        <link rel="depends-on" href="#ca-8_smt"/>
       </part>
       <part id="ca-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18582,8 +18582,8 @@
         </part>
         <part id="ca-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-08(01)"/>
-          <link rel="depends-on" href="#ca-8.1_smt"/>
           <p>an independent penetration testing agent or team is employed to perform penetration testing on the system or system components.</p>
+          <link rel="depends-on" href="#ca-8.1_smt"/>
         </part>
         <part id="ca-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18633,8 +18633,8 @@
         </part>
         <part id="ca-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-08(02)"/>
-          <link rel="depends-on" href="#ca-8.2_smt"/>
           <p><insert type="param" id-ref="ca-08.02_odp"/> are employed to simulate attempts by adversaries to compromise organizational systems in accordance with applicable rules of engagement.</p>
+          <link rel="depends-on" href="#ca-8.2_smt"/>
         </part>
         <part id="ca-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18705,8 +18705,8 @@
         </part>
         <part id="ca-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-08(03)"/>
-          <link rel="depends-on" href="#ca-8.3_smt"/>
           <p>the penetration testing process includes <insert type="param" id-ref="ca-08.03_odp.01"/> <insert type="param" id-ref="ca-08.03_odp.02"/> attempts to bypass or circumvent controls associated with physical access points to facility.</p>
+          <link rel="depends-on" href="#ca-8.3_smt"/>
         </part>
         <part id="ca-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18809,46 +18809,46 @@
       </part>
       <part id="ca-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CA-09"/>
-        <link rel="depends-on" href="#ca-9_smt"/>
         <part id="ca-9_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-09a."/>
-          <link rel="depends-on" href="#ca-9_smt.a"/>
           <p>internal connections of <insert type="param" id-ref="ca-09_odp.01"/> to the system are authorized;</p>
+          <link rel="depends-on" href="#ca-9_smt.a"/>
         </part>
         <part id="ca-9_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-09b."/>
-          <link rel="depends-on" href="#ca-9_smt.b"/>
           <part id="ca-9_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-09b.[01]"/>
-            <link rel="depends-on" href="#ca-9_smt.b"/>
             <p>for each internal connection, the interface characteristics are documented;</p>
+            <link rel="depends-on" href="#ca-9_smt.b"/>
           </part>
           <part id="ca-9_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-09b.[02]"/>
-            <link rel="depends-on" href="#ca-9_smt.b"/>
             <p>for each internal connection, the security requirements are documented;</p>
+            <link rel="depends-on" href="#ca-9_smt.b"/>
           </part>
           <part id="ca-9_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-09b.[03]"/>
-            <link rel="depends-on" href="#ca-9_smt.b"/>
             <p>for each internal connection, the privacy requirements are documented;</p>
+            <link rel="depends-on" href="#ca-9_smt.b"/>
           </part>
           <part id="ca-9_obj.b-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-09b.[04]"/>
-            <link rel="depends-on" href="#ca-9_smt.b"/>
             <p>for each internal connection, the nature of the information communicated is documented;</p>
+            <link rel="depends-on" href="#ca-9_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ca-9_smt.b"/>
         </part>
         <part id="ca-9_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-09c."/>
-          <link rel="depends-on" href="#ca-9_smt.c"/>
           <p>internal system connections are terminated after <insert type="param" id-ref="ca-09_odp.02"/>;</p>
+          <link rel="depends-on" href="#ca-9_smt.c"/>
         </part>
         <part id="ca-9_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-09d."/>
-          <link rel="depends-on" href="#ca-9_smt.d"/>
           <p>the continued need for each internal connection is reviewed <insert type="param" id-ref="ca-09_odp.03"/>.</p>
+          <link rel="depends-on" href="#ca-9_smt.d"/>
         </part>
+        <link rel="depends-on" href="#ca-9_smt"/>
       </part>
       <part id="ca-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -18901,17 +18901,17 @@
         </part>
         <part id="ca-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CA-09(01)"/>
-          <link rel="depends-on" href="#ca-9.1_smt"/>
           <part id="ca-9.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-09(01)[01]"/>
-            <link rel="depends-on" href="#ca-9.1_smt"/>
             <p>security compliance checks are performed on constituent system components prior to the establishment of the internal connection;</p>
+            <link rel="depends-on" href="#ca-9.1_smt"/>
           </part>
           <part id="ca-9.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CA-09(01)[02]"/>
-            <link rel="depends-on" href="#ca-9.1_smt"/>
             <p>privacy compliance checks are performed on constituent system components prior to the establishment of the internal connection.</p>
+            <link rel="depends-on" href="#ca-9.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ca-9.1_smt"/>
         </part>
         <part id="ca-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19078,116 +19078,116 @@
       </part>
       <part id="cm-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-01"/>
-        <link rel="depends-on" href="#cm-1_smt"/>
         <part id="cm-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-01a."/>
-          <link rel="depends-on" href="#cm-1_smt.a"/>
           <part id="cm-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-01a.[01]"/>
-            <link rel="depends-on" href="#cm-1_smt.a"/>
             <p>a configuration management policy is developed and documented;</p>
+            <link rel="depends-on" href="#cm-1_smt.a"/>
           </part>
           <part id="cm-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-01a.[02]"/>
-            <link rel="depends-on" href="#cm-1_smt.a"/>
             <p>the configuration management policy is disseminated to <insert type="param" id-ref="cm-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#cm-1_smt.a"/>
           </part>
           <part id="cm-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-01a.[03]"/>
-            <link rel="depends-on" href="#cm-1_smt.a"/>
             <p>configuration management procedures to facilitate the implementation of the configuration management policy and associated configuration management controls are developed and documented;</p>
+            <link rel="depends-on" href="#cm-1_smt.a"/>
           </part>
           <part id="cm-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-01a.[04]"/>
-            <link rel="depends-on" href="#cm-1_smt.a"/>
             <p>the configuration management procedures are disseminated to <insert type="param" id-ref="cm-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#cm-1_smt.a"/>
           </part>
           <part id="cm-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-01a.01"/>
-            <link rel="depends-on" href="#cm-1_smt.a.1"/>
             <part id="cm-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-01a.01(a)"/>
-              <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               <part id="cm-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CM-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cm-01_odp.03"/> of the configuration management policy addresses purpose;</p>
+                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               </part>
               <part id="cm-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CM-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cm-01_odp.03"/> of the configuration management policy addresses scope;</p>
+                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               </part>
               <part id="cm-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CM-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cm-01_odp.03"/> of the configuration management policy addresses roles;</p>
+                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               </part>
               <part id="cm-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CM-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cm-01_odp.03"/> of the configuration management policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               </part>
               <part id="cm-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CM-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cm-01_odp.03"/> of the configuration management policy addresses management commitment;</p>
+                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               </part>
               <part id="cm-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CM-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cm-01_odp.03"/> of the configuration management policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               </part>
               <part id="cm-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CM-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cm-01_odp.03"/> of the configuration management policy addresses compliance;</p>
+                <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#cm-1_smt.a.1.a"/>
             </part>
             <part id="cm-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-01a.01(b)"/>
-              <link rel="depends-on" href="#cm-1_smt.a.1.b"/>
               <p>the configuration management policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#cm-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#cm-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#cm-1_smt.a"/>
         </part>
         <part id="cm-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-01b."/>
-          <link rel="depends-on" href="#cm-1_smt.b"/>
           <p>the <insert type="param" id-ref="cm-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the configuration management policy and procedures;</p>
+          <link rel="depends-on" href="#cm-1_smt.b"/>
         </part>
         <part id="cm-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-01c."/>
-          <link rel="depends-on" href="#cm-1_smt.c"/>
           <part id="cm-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-01c.01"/>
-            <link rel="depends-on" href="#cm-1_smt.c.1"/>
             <part id="cm-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-01c.01[01]"/>
-              <link rel="depends-on" href="#cm-1_smt.c.1"/>
               <p>the current configuration management policy is reviewed and updated <insert type="param" id-ref="cm-01_odp.05"/>; </p>
+              <link rel="depends-on" href="#cm-1_smt.c.1"/>
             </part>
             <part id="cm-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-01c.01[02]"/>
-              <link rel="depends-on" href="#cm-1_smt.c.1"/>
               <p>the current configuration management policy is reviewed and updated following <insert type="param" id-ref="cm-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#cm-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#cm-1_smt.c.1"/>
           </part>
           <part id="cm-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-01c.02"/>
-            <link rel="depends-on" href="#cm-1_smt.c.2"/>
             <part id="cm-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-01c.02[01]"/>
-              <link rel="depends-on" href="#cm-1_smt.c.2"/>
               <p>the current configuration management procedures are reviewed and updated <insert type="param" id-ref="cm-01_odp.07"/>; </p>
+              <link rel="depends-on" href="#cm-1_smt.c.2"/>
             </part>
             <part id="cm-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-01c.02[02]"/>
-              <link rel="depends-on" href="#cm-1_smt.c.2"/>
               <p>the current configuration management procedures are reviewed and updated following <insert type="param" id-ref="cm-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#cm-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#cm-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#cm-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#cm-1_smt"/>
       </part>
       <part id="cm-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19283,40 +19283,40 @@
       </part>
       <part id="cm-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-02"/>
-        <link rel="depends-on" href="#cm-2_smt"/>
         <part id="cm-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-02a."/>
-          <link rel="depends-on" href="#cm-2_smt.a"/>
           <part id="cm-2_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02a.[01]"/>
-            <link rel="depends-on" href="#cm-2_smt.a"/>
             <p>a current baseline configuration of the system is developed and documented;</p>
+            <link rel="depends-on" href="#cm-2_smt.a"/>
           </part>
           <part id="cm-2_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02a.[02]"/>
-            <link rel="depends-on" href="#cm-2_smt.a"/>
             <p>a current baseline configuration of the system is maintained under configuration control;</p>
+            <link rel="depends-on" href="#cm-2_smt.a"/>
           </part>
+          <link rel="depends-on" href="#cm-2_smt.a"/>
         </part>
         <part id="cm-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-02b."/>
-          <link rel="depends-on" href="#cm-2_smt.b"/>
           <part id="cm-2_obj.b.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02b.01"/>
-            <link rel="depends-on" href="#cm-2_smt.b.1"/>
             <p>the baseline configuration of the system is reviewed and updated <insert type="param" id-ref="cm-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#cm-2_smt.b.1"/>
           </part>
           <part id="cm-2_obj.b.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02b.02"/>
-            <link rel="depends-on" href="#cm-2_smt.b.2"/>
             <p>the baseline configuration of the system is reviewed and updated when required due to <insert type="param" id-ref="cm-02_odp.02"/>;</p>
+            <link rel="depends-on" href="#cm-2_smt.b.2"/>
           </part>
           <part id="cm-2_obj.b.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02b.03"/>
-            <link rel="depends-on" href="#cm-2_smt.b.3"/>
             <p>the baseline configuration of the system is reviewed and updated when system components are installed or upgraded.</p>
+            <link rel="depends-on" href="#cm-2_smt.b.3"/>
           </part>
+          <link rel="depends-on" href="#cm-2_smt.b"/>
         </part>
+        <link rel="depends-on" href="#cm-2_smt"/>
       </part>
       <part id="cm-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19388,27 +19388,27 @@
         </part>
         <part id="cm-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-02(02)"/>
-          <link rel="depends-on" href="#cm-2.2_smt"/>
           <part id="cm-2.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(02)[01]"/>
-            <link rel="depends-on" href="#cm-2.2_smt"/>
             <p>the currency of the baseline configuration of the system is maintained using <insert type="param" id-ref="cm-02.02_odp"/>;</p>
+            <link rel="depends-on" href="#cm-2.2_smt"/>
           </part>
           <part id="cm-2.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(02)[02]"/>
-            <link rel="depends-on" href="#cm-2.2_smt"/>
             <p>the completeness of the baseline configuration of the system is maintained using <insert type="param" id-ref="cm-02.02_odp"/>;</p>
+            <link rel="depends-on" href="#cm-2.2_smt"/>
           </part>
           <part id="cm-2.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(02)[03]"/>
-            <link rel="depends-on" href="#cm-2.2_smt"/>
             <p>the accuracy of the baseline configuration of the system is maintained using <insert type="param" id-ref="cm-02.02_odp"/>;</p>
+            <link rel="depends-on" href="#cm-2.2_smt"/>
           </part>
           <part id="cm-2.2_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(02)[04]"/>
-            <link rel="depends-on" href="#cm-2.2_smt"/>
             <p>the availability of the baseline configuration of the system is maintained using <insert type="param" id-ref="cm-02.02_odp"/>.</p>
+            <link rel="depends-on" href="#cm-2.2_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-2.2_smt"/>
         </part>
         <part id="cm-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19468,8 +19468,8 @@
         </part>
         <part id="cm-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-02(03)"/>
-          <link rel="depends-on" href="#cm-2.3_smt"/>
           <p><insert type="param" id-ref="cm-02.03_odp"/> of previous baseline configuration version(s) of the system is/are retained to support rollback.</p>
+          <link rel="depends-on" href="#cm-2.3_smt"/>
         </part>
         <part id="cm-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19537,17 +19537,17 @@
         </part>
         <part id="cm-2.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-02(06)"/>
-          <link rel="depends-on" href="#cm-2.6_smt"/>
           <part id="cm-2.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(06)[01]"/>
-            <link rel="depends-on" href="#cm-2.6_smt"/>
             <p>a baseline configuration for system development environments that is managed separately from the operational baseline configuration is maintained;</p>
+            <link rel="depends-on" href="#cm-2.6_smt"/>
           </part>
           <part id="cm-2.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(06)[02]"/>
-            <link rel="depends-on" href="#cm-2.6_smt"/>
             <p>a baseline configuration for test environments that is managed separately from the operational baseline configuration is maintained.</p>
+            <link rel="depends-on" href="#cm-2.6_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-2.6_smt"/>
         </part>
         <part id="cm-2.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19630,17 +19630,17 @@
         </part>
         <part id="cm-2.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-02(07)"/>
-          <link rel="depends-on" href="#cm-2.7_smt"/>
           <part id="cm-2.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(07)(a)"/>
-            <link rel="depends-on" href="#cm-2.7_smt.a"/>
             <p><insert type="param" id-ref="cm-02.07_odp.01"/> with <insert type="param" id-ref="cm-02.07_odp.02"/> are issued to individuals traveling to locations that the organization deems to be of significant risk;</p>
+            <link rel="depends-on" href="#cm-2.7_smt.a"/>
           </part>
           <part id="cm-2.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-02(07)(b)"/>
-            <link rel="depends-on" href="#cm-2.7_smt.b"/>
             <p><insert type="param" id-ref="cm-02.07_odp.03"/> are applied to the systems or system components when the individuals return from travel.</p>
+            <link rel="depends-on" href="#cm-2.7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-2.7_smt"/>
         </part>
         <part id="cm-2.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19786,69 +19786,69 @@
       </part>
       <part id="cm-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-03"/>
-        <link rel="depends-on" href="#cm-3_smt"/>
         <part id="cm-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03a."/>
-          <link rel="depends-on" href="#cm-3_smt.a"/>
           <p>the types of changes to the system that are configuration-controlled are determined and documented;</p>
+          <link rel="depends-on" href="#cm-3_smt.a"/>
         </part>
         <part id="cm-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03b."/>
-          <link rel="depends-on" href="#cm-3_smt.b"/>
           <part id="cm-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03b.[01]"/>
-            <link rel="depends-on" href="#cm-3_smt.b"/>
             <p>proposed configuration-controlled changes to the system are reviewed;</p>
+            <link rel="depends-on" href="#cm-3_smt.b"/>
           </part>
           <part id="cm-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03b.[02]"/>
-            <link rel="depends-on" href="#cm-3_smt.b"/>
             <p>proposed configuration-controlled changes to the system are approved or disapproved with explicit consideration for security and privacy impact analyses;</p>
+            <link rel="depends-on" href="#cm-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-3_smt.b"/>
         </part>
         <part id="cm-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03c."/>
-          <link rel="depends-on" href="#cm-3_smt.c"/>
           <p>configuration change decisions associated with the system are documented;</p>
+          <link rel="depends-on" href="#cm-3_smt.c"/>
         </part>
         <part id="cm-3_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03d."/>
-          <link rel="depends-on" href="#cm-3_smt.d"/>
           <p>approved configuration-controlled changes to the system are implemented;</p>
+          <link rel="depends-on" href="#cm-3_smt.d"/>
         </part>
         <part id="cm-3_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03e."/>
-          <link rel="depends-on" href="#cm-3_smt.e"/>
           <p>records of configuration-controlled changes to the system are retained for <insert type="param" id-ref="cm-03_odp.01"/>;</p>
+          <link rel="depends-on" href="#cm-3_smt.e"/>
         </part>
         <part id="cm-3_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03f."/>
-          <link rel="depends-on" href="#cm-3_smt.f"/>
           <part id="cm-3_obj.f-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03f.[01]"/>
-            <link rel="depends-on" href="#cm-3_smt.f"/>
             <p>activities associated with configuration-controlled changes to the system are monitored;</p>
+            <link rel="depends-on" href="#cm-3_smt.f"/>
           </part>
           <part id="cm-3_obj.f-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03f.[02]"/>
-            <link rel="depends-on" href="#cm-3_smt.f"/>
             <p>activities associated with configuration-controlled changes to the system are reviewed;</p>
+            <link rel="depends-on" href="#cm-3_smt.f"/>
           </part>
+          <link rel="depends-on" href="#cm-3_smt.f"/>
         </part>
         <part id="cm-3_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03g."/>
-          <link rel="depends-on" href="#cm-3_smt.g"/>
           <part id="cm-3_obj.g-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03g.[01]"/>
-            <link rel="depends-on" href="#cm-3_smt.g"/>
             <p>configuration change control activities are coordinated and overseen by <insert type="param" id-ref="cm-03_odp.02"/>;</p>
+            <link rel="depends-on" href="#cm-3_smt.g"/>
           </part>
           <part id="cm-3_obj.g-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03g.[02]"/>
-            <link rel="depends-on" href="#cm-3_smt.g"/>
             <p>the configuration control element convenes <insert type="param" id-ref="cm-03_odp.03"/>.</p>
+            <link rel="depends-on" href="#cm-3_smt.g"/>
           </part>
+          <link rel="depends-on" href="#cm-3_smt.g"/>
         </part>
+        <link rel="depends-on" href="#cm-3_smt"/>
       </part>
       <part id="cm-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -19959,37 +19959,37 @@
         </part>
         <part id="cm-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(01)"/>
-          <link rel="depends-on" href="#cm-3.1_smt"/>
           <part id="cm-3.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(01)(a)"/>
-            <link rel="depends-on" href="#cm-3.1_smt.a"/>
             <p><insert type="param" id-ref="cm-03.01_odp.01"/> are used to document proposed changes to the system;</p>
+            <link rel="depends-on" href="#cm-3.1_smt.a"/>
           </part>
           <part id="cm-3.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(01)(b)"/>
-            <link rel="depends-on" href="#cm-3.1_smt.b"/>
             <p><insert type="param" id-ref="cm-03.01_odp.01"/> are used to notify <insert type="param" id-ref="cm-03.01_odp.02"/> of proposed changes to the system and request change approval;</p>
+            <link rel="depends-on" href="#cm-3.1_smt.b"/>
           </part>
           <part id="cm-3.1_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(01)(c)"/>
-            <link rel="depends-on" href="#cm-3.1_smt.c"/>
             <p><insert type="param" id-ref="cm-03.01_odp.01"/> are used to highlight proposed changes to the system that have not been approved or disapproved within <insert type="param" id-ref="cm-03.01_odp.03"/>;</p>
+            <link rel="depends-on" href="#cm-3.1_smt.c"/>
           </part>
           <part id="cm-3.1_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(01)(d)"/>
-            <link rel="depends-on" href="#cm-3.1_smt.d"/>
             <p><insert type="param" id-ref="cm-03.01_odp.01"/> are used to prohibit changes to the system until designated approvals are received;</p>
+            <link rel="depends-on" href="#cm-3.1_smt.d"/>
           </part>
           <part id="cm-3.1_obj.e" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(01)(e)"/>
-            <link rel="depends-on" href="#cm-3.1_smt.e"/>
             <p><insert type="param" id-ref="cm-03.01_odp.01"/> are used to document all changes to the system;</p>
+            <link rel="depends-on" href="#cm-3.1_smt.e"/>
           </part>
           <part id="cm-3.1_obj.f" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(01)(f)"/>
-            <link rel="depends-on" href="#cm-3.1_smt.f"/>
             <p><insert type="param" id-ref="cm-03.01_odp.01"/> are used to notify <insert type="param" id-ref="cm-03.01_odp.04"/> when approved changes to the system are completed.</p>
+            <link rel="depends-on" href="#cm-3.1_smt.f"/>
           </part>
+          <link rel="depends-on" href="#cm-3.1_smt"/>
         </part>
         <part id="cm-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20046,22 +20046,22 @@
         </part>
         <part id="cm-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(02)"/>
-          <link rel="depends-on" href="#cm-3.2_smt"/>
           <part id="cm-3.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(02)[01]"/>
-            <link rel="depends-on" href="#cm-3.2_smt"/>
             <p>changes to the system are tested before finalizing the implementation of the changes;</p>
+            <link rel="depends-on" href="#cm-3.2_smt"/>
           </part>
           <part id="cm-3.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(02)[02]"/>
-            <link rel="depends-on" href="#cm-3.2_smt"/>
             <p>changes to the system are validated before finalizing the implementation of the changes;</p>
+            <link rel="depends-on" href="#cm-3.2_smt"/>
           </part>
           <part id="cm-3.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(02)[03]"/>
-            <link rel="depends-on" href="#cm-3.2_smt"/>
             <p>changes to the system are documented before finalizing the implementation of the changes.</p>
+            <link rel="depends-on" href="#cm-3.2_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-3.2_smt"/>
         </part>
         <part id="cm-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20124,17 +20124,17 @@
         </part>
         <part id="cm-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(03)"/>
-          <link rel="depends-on" href="#cm-3.3_smt"/>
           <part id="cm-3.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(03)[01]"/>
-            <link rel="depends-on" href="#cm-3.3_smt"/>
             <p>changes to the current system baseline are implemented using <insert type="param" id-ref="cm-03.03_odp"/>;</p>
+            <link rel="depends-on" href="#cm-3.3_smt"/>
           </part>
           <part id="cm-3.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(03)[02]"/>
-            <link rel="depends-on" href="#cm-3.3_smt"/>
             <p>the updated baseline is deployed across the installed base using <insert type="param" id-ref="cm-03.03_odp"/>.</p>
+            <link rel="depends-on" href="#cm-3.3_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-3.3_smt"/>
         </part>
         <part id="cm-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20215,17 +20215,17 @@
         </part>
         <part id="cm-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(04)"/>
-          <link rel="depends-on" href="#cm-3.4_smt"/>
           <part id="cm-3.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(04)[01]"/>
-            <link rel="depends-on" href="#cm-3.4_smt"/>
             <p><insert type="param" id-ref="cm-03.04_odp.01"/> are required to be members of the <insert type="param" id-ref="cm-03.04_odp.03"/>;</p>
+            <link rel="depends-on" href="#cm-3.4_smt"/>
           </part>
           <part id="cm-3.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-03(04)[02]"/>
-            <link rel="depends-on" href="#cm-3.4_smt"/>
             <p><insert type="param" id-ref="cm-03.04_odp.02"/> are required to be members of the <insert type="param" id-ref="cm-03.04_odp.03"/>.</p>
+            <link rel="depends-on" href="#cm-3.4_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-3.4_smt"/>
         </part>
         <part id="cm-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20279,8 +20279,8 @@
         </part>
         <part id="cm-3.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(05)"/>
-          <link rel="depends-on" href="#cm-3.5_smt"/>
           <p><insert type="param" id-ref="cm-03.05_odp"/> are automatically implemented if baseline configurations are changed in an unauthorized manner.</p>
+          <link rel="depends-on" href="#cm-3.5_smt"/>
         </part>
         <part id="cm-3.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20342,8 +20342,8 @@
         </part>
         <part id="cm-3.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(06)"/>
-          <link rel="depends-on" href="#cm-3.6_smt"/>
           <p>cryptographic mechanisms used to provide <insert type="param" id-ref="cm-03.06_odp"/> are under configuration management.</p>
+          <link rel="depends-on" href="#cm-3.6_smt"/>
         </part>
         <part id="cm-3.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20413,8 +20413,8 @@
         </part>
         <part id="cm-3.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(07)"/>
-          <link rel="depends-on" href="#cm-3.7_smt"/>
           <p>changes to the system are reviewed <insert type="param" id-ref="cm-03.07_odp.01"/> or when <insert type="param" id-ref="cm-03.07_odp.02"/> to determine whether unauthorized changes have occurred.</p>
+          <link rel="depends-on" href="#cm-3.7_smt"/>
         </part>
         <part id="cm-3.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20474,8 +20474,8 @@
         </part>
         <part id="cm-3.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-03(08)"/>
-          <link rel="depends-on" href="#cm-3.8_smt"/>
           <p>changes to the configuration of the system are prevented or restricted under <insert type="param" id-ref="cm-03.08_odp"/>.</p>
+          <link rel="depends-on" href="#cm-3.8_smt"/>
         </part>
         <part id="cm-3.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20523,17 +20523,17 @@
       </part>
       <part id="cm-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-04"/>
-        <link rel="depends-on" href="#cm-4_smt"/>
         <part id="cm-4_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-04[01]"/>
-          <link rel="depends-on" href="#cm-4_smt"/>
           <p>changes to the system are analyzed to determine potential security impacts prior to change implementation;</p>
+          <link rel="depends-on" href="#cm-4_smt"/>
         </part>
         <part id="cm-4_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-04[02]"/>
-          <link rel="depends-on" href="#cm-4_smt"/>
           <p>changes to the system are analyzed to determine potential privacy impacts prior to change implementation.</p>
+          <link rel="depends-on" href="#cm-4_smt"/>
         </part>
+        <link rel="depends-on" href="#cm-4_smt"/>
       </part>
       <part id="cm-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20593,52 +20593,52 @@
         </part>
         <part id="cm-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-04(01)"/>
-          <link rel="depends-on" href="#cm-4.1_smt"/>
           <part id="cm-4.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[01]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed in a separate test environment before implementation in an operational environment;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[02]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for security impacts due to flaws;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[03]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for privacy impacts due to flaws;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[04]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for security impacts due to weaknesses;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[05]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for privacy impacts due to weaknesses;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[06]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for security impacts due to incompatibility;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[07]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for privacy impacts due to incompatibility;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-8" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[08]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for security impacts due to intentional malice;</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
           <part id="cm-4.1_obj-9" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(01)[09]"/>
-            <link rel="depends-on" href="#cm-4.1_smt"/>
             <p>changes to the system are analyzed for privacy impacts due to intentional malice.</p>
+            <link rel="depends-on" href="#cm-4.1_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-4.1_smt"/>
         </part>
         <part id="cm-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20701,37 +20701,37 @@
         </part>
         <part id="cm-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-04(02)"/>
-          <link rel="depends-on" href="#cm-4.2_smt"/>
           <part id="cm-4.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(02)[01]"/>
-            <link rel="depends-on" href="#cm-4.2_smt"/>
             <p>the impacted controls are implemented correctly with regard to meeting the security requirements for the system after system changes;</p>
+            <link rel="depends-on" href="#cm-4.2_smt"/>
           </part>
           <part id="cm-4.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(02)[02]"/>
-            <link rel="depends-on" href="#cm-4.2_smt"/>
             <p>the impacted controls are implemented correctly with regard to meeting the privacy requirements for the system after system changes;</p>
+            <link rel="depends-on" href="#cm-4.2_smt"/>
           </part>
           <part id="cm-4.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(02)[03]"/>
-            <link rel="depends-on" href="#cm-4.2_smt"/>
             <p>the impacted controls are operating as intended with regard to meeting the security requirements for the system after system changes;</p>
+            <link rel="depends-on" href="#cm-4.2_smt"/>
           </part>
           <part id="cm-4.2_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(02)[04]"/>
-            <link rel="depends-on" href="#cm-4.2_smt"/>
             <p>the impacted controls are operating as intended with regard to meeting the privacy requirements for the system after system changes;</p>
+            <link rel="depends-on" href="#cm-4.2_smt"/>
           </part>
           <part id="cm-4.2_obj-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(02)[05]"/>
-            <link rel="depends-on" href="#cm-4.2_smt"/>
             <p>the impacted controls are producing the desired outcome with regard to meeting the security requirements for the system after system changes;</p>
+            <link rel="depends-on" href="#cm-4.2_smt"/>
           </part>
           <part id="cm-4.2_obj-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-04(02)[06]"/>
-            <link rel="depends-on" href="#cm-4.2_smt"/>
             <p>the impacted controls are producing the desired outcome with regard to meeting the privacy requirements for the system after system changes.</p>
+            <link rel="depends-on" href="#cm-4.2_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-4.2_smt"/>
         </part>
         <part id="cm-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20800,37 +20800,37 @@
       </part>
       <part id="cm-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-05"/>
-        <link rel="depends-on" href="#cm-5_smt"/>
         <part id="cm-5_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05[01]"/>
-          <link rel="depends-on" href="#cm-5_smt"/>
           <p>physical access restrictions associated with changes to the system are defined and documented;</p>
+          <link rel="depends-on" href="#cm-5_smt"/>
         </part>
         <part id="cm-5_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05[02]"/>
-          <link rel="depends-on" href="#cm-5_smt"/>
           <p>physical access restrictions associated with changes to the system are approved;</p>
+          <link rel="depends-on" href="#cm-5_smt"/>
         </part>
         <part id="cm-5_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05[03]"/>
-          <link rel="depends-on" href="#cm-5_smt"/>
           <p>physical access restrictions associated with changes to the system are enforced;</p>
+          <link rel="depends-on" href="#cm-5_smt"/>
         </part>
         <part id="cm-5_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05[04]"/>
-          <link rel="depends-on" href="#cm-5_smt"/>
           <p>logical access restrictions associated with changes to the system are defined and documented;</p>
+          <link rel="depends-on" href="#cm-5_smt"/>
         </part>
         <part id="cm-5_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05[05]"/>
-          <link rel="depends-on" href="#cm-5_smt"/>
           <p>logical access restrictions associated with changes to the system are approved;</p>
+          <link rel="depends-on" href="#cm-5_smt"/>
         </part>
         <part id="cm-5_obj-6" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05[06]"/>
-          <link rel="depends-on" href="#cm-5_smt"/>
           <p>logical access restrictions associated with changes to the system are enforced.</p>
+          <link rel="depends-on" href="#cm-5_smt"/>
         </part>
+        <link rel="depends-on" href="#cm-5_smt"/>
       </part>
       <part id="cm-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -20906,17 +20906,17 @@
         </part>
         <part id="cm-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05(01)"/>
-          <link rel="depends-on" href="#cm-5.1_smt"/>
           <part id="cm-5.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-05(01)(a)"/>
-            <link rel="depends-on" href="#cm-5.1_smt.a"/>
             <p>access restrictions for change are enforced using <insert type="param" id-ref="cm-05.01_odp"/>;</p>
+            <link rel="depends-on" href="#cm-5.1_smt.a"/>
           </part>
           <part id="cm-5.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-05(01)(b)"/>
-            <link rel="depends-on" href="#cm-5.1_smt.b"/>
             <p>audit records of enforcement actions are automatically generated.</p>
+            <link rel="depends-on" href="#cm-5.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-5.1_smt"/>
         </part>
         <part id="cm-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21007,17 +21007,17 @@
         </part>
         <part id="cm-5.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05(04)"/>
-          <link rel="depends-on" href="#cm-5.4_smt"/>
           <part id="cm-5.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-05(04)[01]"/>
-            <link rel="depends-on" href="#cm-5.4_smt"/>
             <p>dual authorization for implementing changes to <insert type="param" id-ref="cm-05.04_odp.01"/> is enforced;</p>
+            <link rel="depends-on" href="#cm-5.4_smt"/>
           </part>
           <part id="cm-5.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-05(04)[02]"/>
-            <link rel="depends-on" href="#cm-5.4_smt"/>
             <p>dual authorization for implementing changes to <insert type="param" id-ref="cm-05.04_odp.02"/> is enforced.</p>
+            <link rel="depends-on" href="#cm-5.4_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-5.4_smt"/>
         </part>
         <part id="cm-5.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21097,35 +21097,35 @@
         </part>
         <part id="cm-5.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05(05)"/>
-          <link rel="depends-on" href="#cm-5.5_smt"/>
           <part id="cm-5.5_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-05(05)(a)"/>
-            <link rel="depends-on" href="#cm-5.5_smt.a"/>
             <part id="cm-5.5_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-05(05)(a)[01]"/>
-              <link rel="depends-on" href="#cm-5.5_smt.a"/>
               <p>privileges to change system components within a production or operational environment are limited;</p>
+              <link rel="depends-on" href="#cm-5.5_smt.a"/>
             </part>
             <part id="cm-5.5_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-05(05)(a)[02]"/>
-              <link rel="depends-on" href="#cm-5.5_smt.a"/>
               <p>privileges to change system-related information within a production or operational environment are limited;</p>
+              <link rel="depends-on" href="#cm-5.5_smt.a"/>
             </part>
+            <link rel="depends-on" href="#cm-5.5_smt.a"/>
           </part>
           <part id="cm-5.5_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-05(05)(b)"/>
-            <link rel="depends-on" href="#cm-5.5_smt.b"/>
             <part id="cm-5.5_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-05(05)(b)[01]"/>
-              <link rel="depends-on" href="#cm-5.5_smt.b"/>
               <p>privileges are reviewed <insert type="param" id-ref="cm-05.05_odp.01"/>;</p>
+              <link rel="depends-on" href="#cm-5.5_smt.b"/>
             </part>
             <part id="cm-5.5_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-05(05)(b)[02]"/>
-              <link rel="depends-on" href="#cm-5.5_smt.b"/>
               <p>privileges are reevaluated <insert type="param" id-ref="cm-05.05_odp.02"/>.</p>
+              <link rel="depends-on" href="#cm-5.5_smt.b"/>
             </part>
+            <link rel="depends-on" href="#cm-5.5_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-5.5_smt"/>
         </part>
         <part id="cm-5.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21180,8 +21180,8 @@
         </part>
         <part id="cm-5.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-05(06)"/>
-          <link rel="depends-on" href="#cm-5.6_smt"/>
           <p>privileges to change software resident within software libraries are limited.</p>
+          <link rel="depends-on" href="#cm-5.6_smt"/>
         </part>
         <part id="cm-5.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21316,45 +21316,45 @@
       </part>
       <part id="cm-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-06"/>
-        <link rel="depends-on" href="#cm-6_smt"/>
         <part id="cm-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-06a."/>
-          <link rel="depends-on" href="#cm-6_smt.a"/>
           <p>configuration settings that reflect the most restrictive mode consistent with operational requirements are established and documented for components employed within the system using <insert type="param" id-ref="cm-06_odp.01"/>;</p>
+          <link rel="depends-on" href="#cm-6_smt.a"/>
         </part>
         <part id="cm-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-06b."/>
-          <link rel="depends-on" href="#cm-6_smt.b"/>
           <p>the configuration settings documented in CM-06a are implemented;</p>
+          <link rel="depends-on" href="#cm-6_smt.b"/>
         </part>
         <part id="cm-6_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-06c."/>
-          <link rel="depends-on" href="#cm-6_smt.c"/>
           <part id="cm-6_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-06c.[01]"/>
-            <link rel="depends-on" href="#cm-6_smt.c"/>
             <p>any deviations from established configuration settings for <insert type="param" id-ref="cm-06_odp.02"/> are identified and documented based on <insert type="param" id-ref="cm-06_odp.03"/>;</p>
+            <link rel="depends-on" href="#cm-6_smt.c"/>
           </part>
           <part id="cm-6_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-06c.[02]"/>
-            <link rel="depends-on" href="#cm-6_smt.c"/>
             <p>any deviations from established configuration settings for <insert type="param" id-ref="cm-06_odp.02"/> are approved;</p>
+            <link rel="depends-on" href="#cm-6_smt.c"/>
           </part>
+          <link rel="depends-on" href="#cm-6_smt.c"/>
         </part>
         <part id="cm-6_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-06d."/>
-          <link rel="depends-on" href="#cm-6_smt.d"/>
           <part id="cm-6_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-06d.[01]"/>
-            <link rel="depends-on" href="#cm-6_smt.d"/>
             <p>changes to the configuration settings are monitored in accordance with organizational policies and procedures;</p>
+            <link rel="depends-on" href="#cm-6_smt.d"/>
           </part>
           <part id="cm-6_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-06d.[02]"/>
-            <link rel="depends-on" href="#cm-6_smt.d"/>
             <p>changes to the configuration settings are controlled in accordance with organizational policies and procedures.</p>
+            <link rel="depends-on" href="#cm-6_smt.d"/>
           </part>
+          <link rel="depends-on" href="#cm-6_smt.d"/>
         </part>
+        <link rel="depends-on" href="#cm-6_smt"/>
       </part>
       <part id="cm-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21446,22 +21446,22 @@
         </part>
         <part id="cm-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-06(01)"/>
-          <link rel="depends-on" href="#cm-6.1_smt"/>
           <part id="cm-6.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-06(01)[01]"/>
-            <link rel="depends-on" href="#cm-6.1_smt"/>
             <p>configuration settings for <insert type="param" id-ref="cm-06.01_odp.01"/> are managed using <insert type="param" id-ref="cm-06.01_odp.02"/>;</p>
+            <link rel="depends-on" href="#cm-6.1_smt"/>
           </part>
           <part id="cm-6.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-06(01)[02]"/>
-            <link rel="depends-on" href="#cm-6.1_smt"/>
             <p>configuration settings for <insert type="param" id-ref="cm-06.01_odp.01"/> are applied using <insert type="param" id-ref="cm-06.01_odp.03"/>;</p>
+            <link rel="depends-on" href="#cm-6.1_smt"/>
           </part>
           <part id="cm-6.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-06(01)[03]"/>
-            <link rel="depends-on" href="#cm-6.1_smt"/>
             <p>configuration settings for <insert type="param" id-ref="cm-06.01_odp.01"/> are verified using <insert type="param" id-ref="cm-06.01_odp.04"/>.</p>
+            <link rel="depends-on" href="#cm-6.1_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-6.1_smt"/>
         </part>
         <part id="cm-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21534,8 +21534,8 @@
         </part>
         <part id="cm-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-06(02)"/>
-          <link rel="depends-on" href="#cm-6.2_smt"/>
           <p><insert type="param" id-ref="cm-06.02_odp.01"/> are taken in response to unauthorized changes to <insert type="param" id-ref="cm-06.02_odp.02"/>.</p>
+          <link rel="depends-on" href="#cm-6.2_smt"/>
         </part>
         <part id="cm-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21687,41 +21687,41 @@
       </part>
       <part id="cm-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-07"/>
-        <link rel="depends-on" href="#cm-7_smt"/>
         <part id="cm-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07a."/>
-          <link rel="depends-on" href="#cm-7_smt.a"/>
           <p>the system is configured to provide only <insert type="param" id-ref="cm-07_odp.01"/>;</p>
+          <link rel="depends-on" href="#cm-7_smt.a"/>
         </part>
         <part id="cm-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07b."/>
-          <link rel="depends-on" href="#cm-7_smt.b"/>
           <part id="cm-7_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07b.[01]"/>
-            <link rel="depends-on" href="#cm-7_smt.b"/>
             <p>the use of <insert type="param" id-ref="cm-07_odp.02"/> is prohibited or restricted;</p>
+            <link rel="depends-on" href="#cm-7_smt.b"/>
           </part>
           <part id="cm-7_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07b.[02]"/>
-            <link rel="depends-on" href="#cm-7_smt.b"/>
             <p>the use of <insert type="param" id-ref="cm-07_odp.03"/> is prohibited or restricted;</p>
+            <link rel="depends-on" href="#cm-7_smt.b"/>
           </part>
           <part id="cm-7_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07b.[03]"/>
-            <link rel="depends-on" href="#cm-7_smt.b"/>
             <p>the use of <insert type="param" id-ref="cm-07_odp.04"/> is prohibited or restricted;</p>
+            <link rel="depends-on" href="#cm-7_smt.b"/>
           </part>
           <part id="cm-7_obj.b-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07b.[04]"/>
-            <link rel="depends-on" href="#cm-7_smt.b"/>
             <p>the use of <insert type="param" id-ref="cm-07_odp.05"/> is prohibited or restricted;</p>
+            <link rel="depends-on" href="#cm-7_smt.b"/>
           </part>
           <part id="cm-7_obj.b-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07b.[05]"/>
-            <link rel="depends-on" href="#cm-7_smt.b"/>
             <p>the use of <insert type="param" id-ref="cm-07_odp.06"/> is prohibited or restricted.</p>
+            <link rel="depends-on" href="#cm-7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-7_smt.b"/>
         </part>
+        <link rel="depends-on" href="#cm-7_smt"/>
       </part>
       <part id="cm-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21831,41 +21831,41 @@
         </part>
         <part id="cm-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(01)"/>
-          <link rel="depends-on" href="#cm-7.1_smt"/>
           <part id="cm-7.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(01)(a)"/>
-            <link rel="depends-on" href="#cm-7.1_smt.a"/>
             <p>the system is reviewed <insert type="param" id-ref="cm-07.01_odp.01"/> to identify unnecessary and/or non-secure functions, ports, protocols, software, and services:</p>
+            <link rel="depends-on" href="#cm-7.1_smt.a"/>
           </part>
           <part id="cm-7.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(01)(b)"/>
-            <link rel="depends-on" href="#cm-7.1_smt.b"/>
             <part id="cm-7.1_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-07(01)(b)[01]"/>
-              <link rel="depends-on" href="#cm-7.1_smt.b"/>
               <p><insert type="param" id-ref="cm-07.01_odp.02"/> deemed to be unnecessary and/or non-secure are disabled or removed;</p>
+              <link rel="depends-on" href="#cm-7.1_smt.b"/>
             </part>
             <part id="cm-7.1_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-07(01)(b)[02]"/>
-              <link rel="depends-on" href="#cm-7.1_smt.b"/>
               <p><insert type="param" id-ref="cm-07.01_odp.03"/> deemed to be unnecessary and/or non-secure are disabled or removed;</p>
+              <link rel="depends-on" href="#cm-7.1_smt.b"/>
             </part>
             <part id="cm-7.1_obj.b-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-07(01)(b)[03]"/>
-              <link rel="depends-on" href="#cm-7.1_smt.b"/>
               <p><insert type="param" id-ref="cm-07.01_odp.04"/> deemed to be unnecessary and/or non-secure are disabled or removed;</p>
+              <link rel="depends-on" href="#cm-7.1_smt.b"/>
             </part>
             <part id="cm-7.1_obj.b-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-07(01)(b)[04]"/>
-              <link rel="depends-on" href="#cm-7.1_smt.b"/>
               <p><insert type="param" id-ref="cm-07.01_odp.05"/> deemed to be unnecessary and/or non-secure is disabled or removed;</p>
+              <link rel="depends-on" href="#cm-7.1_smt.b"/>
             </part>
             <part id="cm-7.1_obj.b-5" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-07(01)(b)[05]"/>
-              <link rel="depends-on" href="#cm-7.1_smt.b"/>
               <p><insert type="param" id-ref="cm-07.01_odp.06"/> deemed to be unnecessary and/or non-secure are disabled or removed.</p>
+              <link rel="depends-on" href="#cm-7.1_smt.b"/>
             </part>
+            <link rel="depends-on" href="#cm-7.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-7.1_smt"/>
         </part>
         <part id="cm-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -21939,8 +21939,8 @@
         </part>
         <part id="cm-7.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(02)"/>
-          <link rel="depends-on" href="#cm-7.2_smt"/>
           <p>program execution is prevented in accordance with <insert type="param" id-ref="cm-07.02_odp.01"/>.</p>
+          <link rel="depends-on" href="#cm-7.2_smt"/>
         </part>
         <part id="cm-7.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22004,8 +22004,8 @@
         </part>
         <part id="cm-7.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(03)"/>
-          <link rel="depends-on" href="#cm-7.3_smt"/>
           <p><insert type="param" id-ref="cm-07.03_odp"/> are complied with.</p>
+          <link rel="depends-on" href="#cm-7.3_smt"/>
         </part>
         <part id="cm-7.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22089,22 +22089,22 @@
         </part>
         <part id="cm-7.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(04)"/>
-          <link rel="depends-on" href="#cm-7.4_smt"/>
           <part id="cm-7.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(04)(a)"/>
-            <link rel="depends-on" href="#cm-7.4_smt.a"/>
             <p><insert type="param" id-ref="cm-07.04_odp.01"/> are identified;</p>
+            <link rel="depends-on" href="#cm-7.4_smt.a"/>
           </part>
           <part id="cm-7.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(04)(b)"/>
-            <link rel="depends-on" href="#cm-7.4_smt.b"/>
             <p>an allow-all, deny-by-exception policy is employed to prohibit the execution of unauthorized software programs on the system;</p>
+            <link rel="depends-on" href="#cm-7.4_smt.b"/>
           </part>
           <part id="cm-7.4_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(04)(c)"/>
-            <link rel="depends-on" href="#cm-7.4_smt.c"/>
             <p>the list of unauthorized software programs is reviewed and updated <insert type="param" id-ref="cm-07.04_odp.02"/>.</p>
+            <link rel="depends-on" href="#cm-7.4_smt.c"/>
           </part>
+          <link rel="depends-on" href="#cm-7.4_smt"/>
         </part>
         <part id="cm-7.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22197,22 +22197,22 @@
         </part>
         <part id="cm-7.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(05)"/>
-          <link rel="depends-on" href="#cm-7.5_smt"/>
           <part id="cm-7.5_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(05)(a)"/>
-            <link rel="depends-on" href="#cm-7.5_smt.a"/>
             <p><insert type="param" id-ref="cm-07.05_odp.01"/> are identified;</p>
+            <link rel="depends-on" href="#cm-7.5_smt.a"/>
           </part>
           <part id="cm-7.5_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(05)(b)"/>
-            <link rel="depends-on" href="#cm-7.5_smt.b"/>
             <p>a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the system is employed;</p>
+            <link rel="depends-on" href="#cm-7.5_smt.b"/>
           </part>
           <part id="cm-7.5_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(05)(c)"/>
-            <link rel="depends-on" href="#cm-7.5_smt.c"/>
             <p>the list of authorized software programs is reviewed and updated <insert type="param" id-ref="cm-07.05_odp.02"/>.</p>
+            <link rel="depends-on" href="#cm-7.5_smt.c"/>
           </part>
+          <link rel="depends-on" href="#cm-7.5_smt"/>
         </part>
         <part id="cm-7.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22278,8 +22278,8 @@
         </part>
         <part id="cm-7.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(06)"/>
-          <link rel="depends-on" href="#cm-7.6_smt"/>
           <p><insert type="param" id-ref="cm-07.06_odp"/> is required to be executed in a confined physical or virtual machine environment with limited privileges.</p>
+          <link rel="depends-on" href="#cm-7.6_smt"/>
         </part>
         <part id="cm-7.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22352,18 +22352,18 @@
         </part>
         <part id="cm-7.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(07)"/>
-          <link rel="depends-on" href="#cm-7.7_smt"/>
           <p>the execution of binary or machine-executable code is only allowed in confined physical or virtual machine environments;</p>
           <part id="cm-7.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(07)(a)"/>
-            <link rel="depends-on" href="#cm-7.7_smt.a"/>
             <p>the execution of binary or machine-executable code obtained from sources with limited or no warranty is only allowed with the explicit approval of <insert type="param" id-ref="cm-07.07_odp"/>;</p>
+            <link rel="depends-on" href="#cm-7.7_smt.a"/>
           </part>
           <part id="cm-7.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(07)(b)"/>
-            <link rel="depends-on" href="#cm-7.7_smt.b"/>
             <p>the execution of binary or machine-executable code without the provision of source code is only allowed with the explicit approval of <insert type="param" id-ref="cm-07.07_odp"/>.</p>
+            <link rel="depends-on" href="#cm-7.7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-7.7_smt"/>
         </part>
         <part id="cm-7.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22429,26 +22429,26 @@
         </part>
         <part id="cm-7.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(08)"/>
-          <link rel="depends-on" href="#cm-7.8_smt"/>
           <part id="cm-7.8_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(08)(a)"/>
-            <link rel="depends-on" href="#cm-7.8_smt.a"/>
             <p>the use of binary or machine-executable code is prohibited when it originates from sources with limited or no warranty or without the provision of source code;</p>
+            <link rel="depends-on" href="#cm-7.8_smt.a"/>
           </part>
           <part id="cm-7.8_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(08)(b)"/>
-            <link rel="depends-on" href="#cm-7.8_smt.b"/>
             <part id="cm-7.8_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-07(08)(b)[01]"/>
-              <link rel="depends-on" href="#cm-7.8_smt.b"/>
               <p>exceptions to the prohibition of binary or machine-executable code from sources with limited or no warranty or without the provision of source code are allowed only for compelling mission or operational requirements;</p>
+              <link rel="depends-on" href="#cm-7.8_smt.b"/>
             </part>
             <part id="cm-7.8_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-07(08)(b)[02]"/>
-              <link rel="depends-on" href="#cm-7.8_smt.b"/>
               <p>exceptions to the prohibition of binary or machine-executable code from sources with limited or no warranty or without the provision of source code are allowed only with the approval of the authorizing official.</p>
+              <link rel="depends-on" href="#cm-7.8_smt.b"/>
             </part>
+            <link rel="depends-on" href="#cm-7.8_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-7.8_smt"/>
         </part>
         <part id="cm-7.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22533,22 +22533,22 @@
         </part>
         <part id="cm-7.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-07(09)"/>
-          <link rel="depends-on" href="#cm-7.9_smt"/>
           <part id="cm-7.9_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(09)(a)"/>
-            <link rel="depends-on" href="#cm-7.9_smt.a"/>
             <p><insert type="param" id-ref="cm-07.09_odp.01"/> are identified;</p>
+            <link rel="depends-on" href="#cm-7.9_smt.a"/>
           </part>
           <part id="cm-7.9_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(09)(b)"/>
-            <link rel="depends-on" href="#cm-7.9_smt.b"/>
             <p>the use or connection of unauthorized hardware components is prohibited;</p>
+            <link rel="depends-on" href="#cm-7.9_smt.b"/>
           </part>
           <part id="cm-7.9_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-07(09)(c)"/>
-            <link rel="depends-on" href="#cm-7.9_smt.c"/>
             <p>the list of authorized hardware components is reviewed and updated <insert type="param" id-ref="cm-07.09_odp.02"/>.</p>
+            <link rel="depends-on" href="#cm-7.9_smt.c"/>
           </part>
+          <link rel="depends-on" href="#cm-7.9_smt"/>
         </part>
         <part id="cm-7.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22668,41 +22668,41 @@
       </part>
       <part id="cm-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-08"/>
-        <link rel="depends-on" href="#cm-8_smt"/>
         <part id="cm-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08a."/>
-          <link rel="depends-on" href="#cm-8_smt.a"/>
           <part id="cm-8_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08a.01"/>
-            <link rel="depends-on" href="#cm-8_smt.a.1"/>
             <p>an inventory of system components that accurately reflects the system is developed and documented;</p>
+            <link rel="depends-on" href="#cm-8_smt.a.1"/>
           </part>
           <part id="cm-8_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08a.02"/>
-            <link rel="depends-on" href="#cm-8_smt.a.2"/>
             <p>an inventory of system components that includes all components within the system is developed and documented;</p>
+            <link rel="depends-on" href="#cm-8_smt.a.2"/>
           </part>
           <part id="cm-8_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08a.03"/>
-            <link rel="depends-on" href="#cm-8_smt.a.3"/>
             <p>an inventory of system components that does not include duplicate accounting of components or components assigned to any other system is developed and documented;</p>
+            <link rel="depends-on" href="#cm-8_smt.a.3"/>
           </part>
           <part id="cm-8_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08a.04"/>
-            <link rel="depends-on" href="#cm-8_smt.a.4"/>
             <p>an inventory of system components that is at the level of granularity deemed necessary for tracking and reporting is developed and documented;</p>
+            <link rel="depends-on" href="#cm-8_smt.a.4"/>
           </part>
           <part id="cm-8_obj.a.5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08a.05"/>
-            <link rel="depends-on" href="#cm-8_smt.a.5"/>
             <p>an inventory of system components that includes <insert type="param" id-ref="cm-08_odp.01"/> is developed and documented;</p>
+            <link rel="depends-on" href="#cm-8_smt.a.5"/>
           </part>
+          <link rel="depends-on" href="#cm-8_smt.a"/>
         </part>
         <part id="cm-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08b."/>
-          <link rel="depends-on" href="#cm-8_smt.b"/>
           <p>the system component inventory is reviewed and updated <insert type="param" id-ref="cm-08_odp.02"/>.</p>
+          <link rel="depends-on" href="#cm-8_smt.b"/>
         </part>
+        <link rel="depends-on" href="#cm-8_smt"/>
       </part>
       <part id="cm-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22753,22 +22753,22 @@
         </part>
         <part id="cm-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(01)"/>
-          <link rel="depends-on" href="#cm-8.1_smt"/>
           <part id="cm-8.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(01)[01]"/>
-            <link rel="depends-on" href="#cm-8.1_smt"/>
             <p>the inventory of system components is updated as part of component installations;</p>
+            <link rel="depends-on" href="#cm-8.1_smt"/>
           </part>
           <part id="cm-8.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(01)[02]"/>
-            <link rel="depends-on" href="#cm-8.1_smt"/>
             <p>the inventory of system components is updated as part of component removals;</p>
+            <link rel="depends-on" href="#cm-8.1_smt"/>
           </part>
           <part id="cm-8.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(01)[03]"/>
-            <link rel="depends-on" href="#cm-8.1_smt"/>
             <p>the inventory of system components is updated as part of system updates.</p>
+            <link rel="depends-on" href="#cm-8.1_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-8.1_smt"/>
         </part>
         <part id="cm-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22856,27 +22856,27 @@
         </part>
         <part id="cm-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(02)"/>
-          <link rel="depends-on" href="#cm-8.2_smt"/>
           <part id="cm-8.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(02)[01]"/>
-            <link rel="depends-on" href="#cm-8.2_smt"/>
             <p><insert type="param" id-ref="cm-08.02_odp.01"/> are used to maintain the currency of the system component inventory;</p>
+            <link rel="depends-on" href="#cm-8.2_smt"/>
           </part>
           <part id="cm-8.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(02)[02]"/>
-            <link rel="depends-on" href="#cm-8.2_smt"/>
             <p><insert type="param" id-ref="cm-08.02_odp.02"/> are used to maintain the completeness of the system component inventory;</p>
+            <link rel="depends-on" href="#cm-8.2_smt"/>
           </part>
           <part id="cm-8.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(02)[03]"/>
-            <link rel="depends-on" href="#cm-8.2_smt"/>
             <p><insert type="param" id-ref="cm-08.02_odp.03"/> are used to maintain the accuracy of the system component inventory;</p>
+            <link rel="depends-on" href="#cm-8.2_smt"/>
           </part>
           <part id="cm-8.2_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(02)[04]"/>
-            <link rel="depends-on" href="#cm-8.2_smt"/>
             <p><insert type="param" id-ref="cm-08.02_odp.04"/> are used to maintain the availability of the system component inventory.</p>
+            <link rel="depends-on" href="#cm-8.2_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-8.2_smt"/>
         </part>
         <part id="cm-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -22998,45 +22998,45 @@
         </part>
         <part id="cm-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(03)"/>
-          <link rel="depends-on" href="#cm-8.3_smt"/>
           <part id="cm-8.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(03)(a)"/>
-            <link rel="depends-on" href="#cm-8.3_smt.a"/>
             <part id="cm-8.3_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-08(03)(a)[01]"/>
-              <link rel="depends-on" href="#cm-8.3_smt.a"/>
               <p>the presence of unauthorized hardware within the system is detected using <insert type="param" id-ref="cm-08.03_odp.01"/> <insert type="param" id-ref="cm-08.03_odp.04"/>;</p>
+              <link rel="depends-on" href="#cm-8.3_smt.a"/>
             </part>
             <part id="cm-8.3_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-08(03)(a)[02]"/>
-              <link rel="depends-on" href="#cm-8.3_smt.a"/>
               <p>the presence of unauthorized software within the system is detected using <insert type="param" id-ref="cm-08.03_odp.02"/> <insert type="param" id-ref="cm-08.03_odp.04"/>;</p>
+              <link rel="depends-on" href="#cm-8.3_smt.a"/>
             </part>
             <part id="cm-8.3_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-08(03)(a)[03]"/>
-              <link rel="depends-on" href="#cm-8.3_smt.a"/>
               <p>the presence of unauthorized firmware within the system is detected using <insert type="param" id-ref="cm-08.03_odp.03"/> <insert type="param" id-ref="cm-08.03_odp.04"/>;</p>
+              <link rel="depends-on" href="#cm-8.3_smt.a"/>
             </part>
+            <link rel="depends-on" href="#cm-8.3_smt.a"/>
           </part>
           <part id="cm-8.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(03)(b)"/>
-            <link rel="depends-on" href="#cm-8.3_smt.b"/>
             <part id="cm-8.3_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-08(03)(b)[01]"/>
-              <link rel="depends-on" href="#cm-8.3_smt.b"/>
               <p><insert type="param" id-ref="cm-08.03_odp.05"/> are taken when unauthorized hardware is detected;</p>
+              <link rel="depends-on" href="#cm-8.3_smt.b"/>
             </part>
             <part id="cm-8.3_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-08(03)(b)[02]"/>
-              <link rel="depends-on" href="#cm-8.3_smt.b"/>
               <p><insert type="param" id-ref="cm-08.03_odp.05"/> are taken when unauthorized software is detected;</p>
+              <link rel="depends-on" href="#cm-8.3_smt.b"/>
             </part>
             <part id="cm-8.3_obj.b-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CM-08(03)(b)[03]"/>
-              <link rel="depends-on" href="#cm-8.3_smt.b"/>
               <p><insert type="param" id-ref="cm-08.03_odp.05"/> are taken when unauthorized firmware is detected.</p>
+              <link rel="depends-on" href="#cm-8.3_smt.b"/>
             </part>
+            <link rel="depends-on" href="#cm-8.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-8.3_smt"/>
         </part>
         <part id="cm-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23105,8 +23105,8 @@
         </part>
         <part id="cm-8.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(04)"/>
-          <link rel="depends-on" href="#cm-8.4_smt"/>
           <p>individuals responsible and accountable for administering system components are identified by <insert type="param" id-ref="cm-08.04_odp"/> in the system component inventory.</p>
+          <link rel="depends-on" href="#cm-8.4_smt"/>
         </part>
         <part id="cm-8.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23163,17 +23163,17 @@
         </part>
         <part id="cm-8.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(06)"/>
-          <link rel="depends-on" href="#cm-8.6_smt"/>
           <part id="cm-8.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(06)[01]"/>
-            <link rel="depends-on" href="#cm-8.6_smt"/>
             <p>assessed component configurations are included in the system component inventory;</p>
+            <link rel="depends-on" href="#cm-8.6_smt"/>
           </part>
           <part id="cm-8.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(06)[02]"/>
-            <link rel="depends-on" href="#cm-8.6_smt"/>
             <p>any approved deviations to current deployed configurations are included in the system component inventory.</p>
+            <link rel="depends-on" href="#cm-8.6_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-8.6_smt"/>
         </part>
         <part id="cm-8.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23226,8 +23226,8 @@
         </part>
         <part id="cm-8.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(07)"/>
-          <link rel="depends-on" href="#cm-8.7_smt"/>
           <p>a centralized repository for the system component inventory is provided.</p>
+          <link rel="depends-on" href="#cm-8.7_smt"/>
         </part>
         <part id="cm-8.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23287,8 +23287,8 @@
         </part>
         <part id="cm-8.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(08)"/>
-          <link rel="depends-on" href="#cm-8.8_smt"/>
           <p><insert type="param" id-ref="cm-08.08_odp"/> are used to support the tracking of system components by geographic location.</p>
+          <link rel="depends-on" href="#cm-8.8_smt"/>
         </part>
         <part id="cm-8.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23357,17 +23357,17 @@
         </part>
         <part id="cm-8.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-08(09)"/>
-          <link rel="depends-on" href="#cm-8.9_smt"/>
           <part id="cm-8.9_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(09)(a)"/>
-            <link rel="depends-on" href="#cm-8.9_smt.a"/>
             <p>system components are assigned to a system;</p>
+            <link rel="depends-on" href="#cm-8.9_smt.a"/>
           </part>
           <part id="cm-8.9_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-08(09)(b)"/>
-            <link rel="depends-on" href="#cm-8.9_smt.b"/>
             <p>an acknowledgement of the component assignment is received from <insert type="param" id-ref="cm-08.09_odp"/>.</p>
+            <link rel="depends-on" href="#cm-8.9_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-8.9_smt"/>
         </part>
         <part id="cm-8.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23461,83 +23461,83 @@
       </part>
       <part id="cm-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-09"/>
-        <link rel="depends-on" href="#cm-9_smt"/>
         <part id="cm-9_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09[01]"/>
-          <link rel="depends-on" href="#cm-9_smt"/>
           <p>a configuration management plan for the system is developed and documented;</p>
+          <link rel="depends-on" href="#cm-9_smt"/>
         </part>
         <part id="cm-9_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09[02]"/>
-          <link rel="depends-on" href="#cm-9_smt"/>
           <p>a configuration management plan for the system is implemented;</p>
+          <link rel="depends-on" href="#cm-9_smt"/>
         </part>
         <part id="cm-9_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09a."/>
-          <link rel="depends-on" href="#cm-9_smt.a"/>
           <part id="cm-9_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09a.[01]"/>
-            <link rel="depends-on" href="#cm-9_smt.a"/>
             <p>the configuration management plan addresses roles;</p>
+            <link rel="depends-on" href="#cm-9_smt.a"/>
           </part>
           <part id="cm-9_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09a.[02]"/>
-            <link rel="depends-on" href="#cm-9_smt.a"/>
             <p>the configuration management plan addresses responsibilities;</p>
+            <link rel="depends-on" href="#cm-9_smt.a"/>
           </part>
           <part id="cm-9_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09a.[03]"/>
-            <link rel="depends-on" href="#cm-9_smt.a"/>
             <p>the configuration management plan addresses configuration management processes and procedures;</p>
+            <link rel="depends-on" href="#cm-9_smt.a"/>
           </part>
+          <link rel="depends-on" href="#cm-9_smt.a"/>
         </part>
         <part id="cm-9_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09b."/>
-          <link rel="depends-on" href="#cm-9_smt.b"/>
           <part id="cm-9_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09b.[01]"/>
-            <link rel="depends-on" href="#cm-9_smt.b"/>
             <p>the configuration management plan establishes a process for identifying configuration items throughout the system development life cycle;</p>
+            <link rel="depends-on" href="#cm-9_smt.b"/>
           </part>
           <part id="cm-9_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09b.[02]"/>
-            <link rel="depends-on" href="#cm-9_smt.b"/>
             <p>the configuration management plan establishes a process for managing the configuration of the configuration items;</p>
+            <link rel="depends-on" href="#cm-9_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-9_smt.b"/>
         </part>
         <part id="cm-9_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09c."/>
-          <link rel="depends-on" href="#cm-9_smt.c"/>
           <part id="cm-9_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09c.[01]"/>
-            <link rel="depends-on" href="#cm-9_smt.c"/>
             <p>the configuration management plan defines the configuration items for the system;</p>
+            <link rel="depends-on" href="#cm-9_smt.c"/>
           </part>
           <part id="cm-9_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09c.[02]"/>
-            <link rel="depends-on" href="#cm-9_smt.c"/>
             <p>the configuration management plan places the configuration items under configuration management;</p>
+            <link rel="depends-on" href="#cm-9_smt.c"/>
           </part>
+          <link rel="depends-on" href="#cm-9_smt.c"/>
         </part>
         <part id="cm-9_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09d."/>
-          <link rel="depends-on" href="#cm-9_smt.d"/>
           <p>the configuration management plan is reviewed and approved by <insert type="param" id-ref="cm-09_odp"/>;</p>
+          <link rel="depends-on" href="#cm-9_smt.d"/>
         </part>
         <part id="cm-9_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09e."/>
-          <link rel="depends-on" href="#cm-9_smt.e"/>
           <part id="cm-9_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09e.[01]"/>
-            <link rel="depends-on" href="#cm-9_smt.e"/>
             <p>the configuration management plan is protected from unauthorized disclosure;</p>
+            <link rel="depends-on" href="#cm-9_smt.e"/>
           </part>
           <part id="cm-9_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-09e.[02]"/>
-            <link rel="depends-on" href="#cm-9_smt.e"/>
             <p>the configuration management plan is protected from unauthorized modification.</p>
+            <link rel="depends-on" href="#cm-9_smt.e"/>
           </part>
+          <link rel="depends-on" href="#cm-9_smt.e"/>
         </part>
+        <link rel="depends-on" href="#cm-9_smt"/>
       </part>
       <part id="cm-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23590,8 +23590,8 @@
         </part>
         <part id="cm-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-09(01)"/>
-          <link rel="depends-on" href="#cm-9.1_smt"/>
           <p>the responsibility for developing the configuration management process is assigned to organizational personnel who are not directly involved in system development.</p>
+          <link rel="depends-on" href="#cm-9.1_smt"/>
         </part>
         <part id="cm-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23646,22 +23646,22 @@
       </part>
       <part id="cm-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-10"/>
-        <link rel="depends-on" href="#cm-10_smt"/>
         <part id="cm-10_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-10a."/>
-          <link rel="depends-on" href="#cm-10_smt.a"/>
           <p>software and associated documentation are used in accordance with contract agreements and copyright laws;</p>
+          <link rel="depends-on" href="#cm-10_smt.a"/>
         </part>
         <part id="cm-10_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-10b."/>
-          <link rel="depends-on" href="#cm-10_smt.b"/>
           <p>the use of software and associated documentation protected by quantity licenses is tracked to control copying and distribution;</p>
+          <link rel="depends-on" href="#cm-10_smt.b"/>
         </part>
         <part id="cm-10_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-10c."/>
-          <link rel="depends-on" href="#cm-10_smt.c"/>
           <p>the use of peer-to-peer file sharing technology is controlled and documented to ensure that peer-to-peer file sharing is not used for the unauthorized distribution, display, performance, or reproduction of copyrighted work.</p>
+          <link rel="depends-on" href="#cm-10_smt.c"/>
         </part>
+        <link rel="depends-on" href="#cm-10_smt"/>
       </part>
       <part id="cm-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23723,8 +23723,8 @@
         </part>
         <part id="cm-10.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-10(01)"/>
-          <link rel="depends-on" href="#cm-10.1_smt"/>
           <p><insert type="param" id-ref="cm-10.01_odp"/> are established for the use of open-source software.</p>
+          <link rel="depends-on" href="#cm-10.1_smt"/>
         </part>
         <part id="cm-10.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23824,22 +23824,22 @@
       </part>
       <part id="cm-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-11"/>
-        <link rel="depends-on" href="#cm-11_smt"/>
         <part id="cm-11_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-11a."/>
-          <link rel="depends-on" href="#cm-11_smt.a"/>
           <p><insert type="param" id-ref="cm-11_odp.01"/> governing the installation of software by users are established;</p>
+          <link rel="depends-on" href="#cm-11_smt.a"/>
         </part>
         <part id="cm-11_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-11b."/>
-          <link rel="depends-on" href="#cm-11_smt.b"/>
           <p>software installation policies are enforced through <insert type="param" id-ref="cm-11_odp.02"/>;</p>
+          <link rel="depends-on" href="#cm-11_smt.b"/>
         </part>
         <part id="cm-11_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-11c."/>
-          <link rel="depends-on" href="#cm-11_smt.c"/>
           <p>compliance with <insert type="param" id-ref="cm-11_odp.01"/> is monitored <insert type="param" id-ref="cm-11_odp.03"/>.</p>
+          <link rel="depends-on" href="#cm-11_smt.c"/>
         </part>
+        <link rel="depends-on" href="#cm-11_smt"/>
       </part>
       <part id="cm-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23904,8 +23904,8 @@
         </part>
         <part id="cm-11.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-11(02)"/>
-          <link rel="depends-on" href="#cm-11.2_smt"/>
           <p>user installation of software is allowed only with explicit privileged status.</p>
+          <link rel="depends-on" href="#cm-11.2_smt"/>
         </part>
         <part id="cm-11.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -23978,17 +23978,17 @@
         </part>
         <part id="cm-11.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-11(03)"/>
-          <link rel="depends-on" href="#cm-11.3_smt"/>
           <part id="cm-11.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-11(03)[01]"/>
-            <link rel="depends-on" href="#cm-11.3_smt"/>
             <p>compliance with software installation policies is enforced using <insert type="param" id-ref="cm-11.03_odp.01"/>;</p>
+            <link rel="depends-on" href="#cm-11.3_smt"/>
           </part>
           <part id="cm-11.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-11(03)[02]"/>
-            <link rel="depends-on" href="#cm-11.3_smt"/>
             <p>compliance with software installation policies is monitored using <insert type="param" id-ref="cm-11.03_odp.02"/>.</p>
+            <link rel="depends-on" href="#cm-11.3_smt"/>
           </part>
+          <link rel="depends-on" href="#cm-11.3_smt"/>
         </part>
         <part id="cm-11.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -24083,54 +24083,54 @@
       </part>
       <part id="cm-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-12"/>
-        <link rel="depends-on" href="#cm-12_smt"/>
         <part id="cm-12_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-12a."/>
-          <link rel="depends-on" href="#cm-12_smt.a"/>
           <part id="cm-12_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-12a.[01]"/>
-            <link rel="depends-on" href="#cm-12_smt.a"/>
             <p>the location of <insert type="param" id-ref="cm-12_odp"/> is identified and documented;</p>
+            <link rel="depends-on" href="#cm-12_smt.a"/>
           </part>
           <part id="cm-12_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-12a.[02]"/>
-            <link rel="depends-on" href="#cm-12_smt.a"/>
             <p>the specific system components on which <insert type="param" id-ref="cm-12_odp"/> is processed are identified and documented;</p>
+            <link rel="depends-on" href="#cm-12_smt.a"/>
           </part>
           <part id="cm-12_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-12a.[03]"/>
-            <link rel="depends-on" href="#cm-12_smt.a"/>
             <p>the specific system components on which <insert type="param" id-ref="cm-12_odp"/> is stored are identified and documented;</p>
+            <link rel="depends-on" href="#cm-12_smt.a"/>
           </part>
+          <link rel="depends-on" href="#cm-12_smt.a"/>
         </part>
         <part id="cm-12_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-12b."/>
-          <link rel="depends-on" href="#cm-12_smt.b"/>
           <part id="cm-12_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-12b.[01]"/>
-            <link rel="depends-on" href="#cm-12_smt.b"/>
             <p>the users who have access to the system and system components where <insert type="param" id-ref="cm-12_odp"/> is processed are identified and documented;</p>
+            <link rel="depends-on" href="#cm-12_smt.b"/>
           </part>
           <part id="cm-12_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-12b.[02]"/>
-            <link rel="depends-on" href="#cm-12_smt.b"/>
             <p>the users who have access to the system and system components where <insert type="param" id-ref="cm-12_odp"/> is stored are identified and documented;</p>
+            <link rel="depends-on" href="#cm-12_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cm-12_smt.b"/>
         </part>
         <part id="cm-12_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-12c."/>
-          <link rel="depends-on" href="#cm-12_smt.c"/>
           <part id="cm-12_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-12c.[01]"/>
-            <link rel="depends-on" href="#cm-12_smt.c"/>
             <p>changes to the location (i.e., system or system components) where <insert type="param" id-ref="cm-12_odp"/> is processed are documented;</p>
+            <link rel="depends-on" href="#cm-12_smt.c"/>
           </part>
           <part id="cm-12_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CM-12c.[02]"/>
-            <link rel="depends-on" href="#cm-12_smt.c"/>
             <p>changes to the location (i.e., system or system components) where <insert type="param" id-ref="cm-12_odp"/> is stored are documented.</p>
+            <link rel="depends-on" href="#cm-12_smt.c"/>
           </part>
+          <link rel="depends-on" href="#cm-12_smt.c"/>
         </part>
+        <link rel="depends-on" href="#cm-12_smt"/>
       </part>
       <part id="cm-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -24203,8 +24203,8 @@
         </part>
         <part id="cm-12.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-12(01)"/>
-          <link rel="depends-on" href="#cm-12.1_smt"/>
           <p>automated tools are used to identify <insert type="param" id-ref="cm-12.01_odp.01"/> on <insert type="param" id-ref="cm-12.01_odp.02"/> to ensure that controls are in place to protect organizational information and individual privacy.</p>
+          <link rel="depends-on" href="#cm-12.1_smt"/>
         </part>
         <part id="cm-12.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -24267,8 +24267,8 @@
       </part>
       <part id="cm-13_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-13"/>
-        <link rel="depends-on" href="#cm-13_smt"/>
         <p>a map of system data actions is developed and documented.</p>
+        <link rel="depends-on" href="#cm-13_smt"/>
       </part>
       <part id="cm-13_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -24348,17 +24348,17 @@
       </part>
       <part id="cm-14_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CM-14"/>
-        <link rel="depends-on" href="#cm-14_smt"/>
         <part id="cm-14_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-14[01]"/>
-          <link rel="depends-on" href="#cm-14_smt"/>
           <p>the installation of <insert type="param" id-ref="cm-14_odp.01"/> is prevented unless it is verified that the software has been digitally signed using a certificate recognized and approved by the organization;</p>
+          <link rel="depends-on" href="#cm-14_smt"/>
         </part>
         <part id="cm-14_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CM-14[02]"/>
-          <link rel="depends-on" href="#cm-14_smt"/>
           <p>the installation of <insert type="param" id-ref="cm-14_odp.02"/> is prevented unless it is verified that the firmware has been digitally signed using a certificate recognized and approved by the organization.</p>
+          <link rel="depends-on" href="#cm-14_smt"/>
         </part>
+        <link rel="depends-on" href="#cm-14_smt"/>
       </part>
       <part id="cm-14_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -24526,116 +24526,116 @@
       </part>
       <part id="cp-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-01"/>
-        <link rel="depends-on" href="#cp-1_smt"/>
         <part id="cp-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-01a."/>
-          <link rel="depends-on" href="#cp-1_smt.a"/>
           <part id="cp-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-01a.[01]"/>
-            <link rel="depends-on" href="#cp-1_smt.a"/>
             <p>a contingency planning policy is developed and documented;</p>
+            <link rel="depends-on" href="#cp-1_smt.a"/>
           </part>
           <part id="cp-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-01a.[02]"/>
-            <link rel="depends-on" href="#cp-1_smt.a"/>
             <p>the contingency planning policy is disseminated to <insert type="param" id-ref="cp-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#cp-1_smt.a"/>
           </part>
           <part id="cp-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-01a.[03]"/>
-            <link rel="depends-on" href="#cp-1_smt.a"/>
             <p>contingency planning procedures to facilitate the implementation of the contingency planning policy and associated contingency planning controls are developed and documented;</p>
+            <link rel="depends-on" href="#cp-1_smt.a"/>
           </part>
           <part id="cp-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-01a.[04]"/>
-            <link rel="depends-on" href="#cp-1_smt.a"/>
             <p>the contingency planning procedures are disseminated to <insert type="param" id-ref="cp-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#cp-1_smt.a"/>
           </part>
           <part id="cp-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-01a.01"/>
-            <link rel="depends-on" href="#cp-1_smt.a.1"/>
             <part id="cp-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-01a.01(a)"/>
-              <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               <part id="cp-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CP-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy addresses purpose;</p>
+                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               </part>
               <part id="cp-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CP-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy addresses scope;</p>
+                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               </part>
               <part id="cp-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CP-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy addresses roles;</p>
+                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               </part>
               <part id="cp-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CP-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               </part>
               <part id="cp-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CP-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy addresses management commitment;</p>
+                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               </part>
               <part id="cp-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CP-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               </part>
               <part id="cp-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="CP-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy addresses compliance;</p>
+                <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#cp-1_smt.a.1.a"/>
             </part>
             <part id="cp-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-01a.01(b)"/>
-              <link rel="depends-on" href="#cp-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="cp-01_odp.03"/> contingency planning policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#cp-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#cp-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#cp-1_smt.a"/>
         </part>
         <part id="cp-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-01b."/>
-          <link rel="depends-on" href="#cp-1_smt.b"/>
           <p>the <insert type="param" id-ref="cp-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the contingency planning policy and procedures;</p>
+          <link rel="depends-on" href="#cp-1_smt.b"/>
         </part>
         <part id="cp-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-01c."/>
-          <link rel="depends-on" href="#cp-1_smt.c"/>
           <part id="cp-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-01c.01"/>
-            <link rel="depends-on" href="#cp-1_smt.c.1"/>
             <part id="cp-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-01c.01[01]"/>
-              <link rel="depends-on" href="#cp-1_smt.c.1"/>
               <p>the current contingency planning policy is reviewed and updated <insert type="param" id-ref="cp-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#cp-1_smt.c.1"/>
             </part>
             <part id="cp-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-01c.01[02]"/>
-              <link rel="depends-on" href="#cp-1_smt.c.1"/>
               <p>the current contingency planning policy is reviewed and updated following <insert type="param" id-ref="cp-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#cp-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#cp-1_smt.c.1"/>
           </part>
           <part id="cp-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-01c.02"/>
-            <link rel="depends-on" href="#cp-1_smt.c.2"/>
             <part id="cp-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-01c.02[01]"/>
-              <link rel="depends-on" href="#cp-1_smt.c.2"/>
               <p>the current contingency planning procedures are reviewed and updated <insert type="param" id-ref="cp-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#cp-1_smt.c.2"/>
             </part>
             <part id="cp-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-01c.02[02]"/>
-              <link rel="depends-on" href="#cp-1_smt.c.2"/>
               <p>the current contingency planning procedures are reviewed and updated following <insert type="param" id-ref="cp-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#cp-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#cp-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#cp-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#cp-1_smt"/>
       </part>
       <part id="cp-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -24822,163 +24822,163 @@
       </part>
       <part id="cp-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-02"/>
-        <link rel="depends-on" href="#cp-2_smt"/>
         <part id="cp-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02a."/>
-          <link rel="depends-on" href="#cp-2_smt.a"/>
           <part id="cp-2_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02a.01"/>
-            <link rel="depends-on" href="#cp-2_smt.a.1"/>
             <p>a contingency plan for the system is developed that identifies essential mission and business functions and associated contingency requirements;</p>
+            <link rel="depends-on" href="#cp-2_smt.a.1"/>
           </part>
           <part id="cp-2_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02a.02"/>
-            <link rel="depends-on" href="#cp-2_smt.a.2"/>
             <part id="cp-2_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.02[01]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.2"/>
               <p>a contingency plan for the system is developed that provides recovery objectives;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.2"/>
             </part>
             <part id="cp-2_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.02[02]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.2"/>
               <p>a contingency plan for the system is developed that provides restoration priorities;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.2"/>
             </part>
             <part id="cp-2_obj.a.2-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.02[03]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.2"/>
               <p>a contingency plan for the system is developed that provides metrics;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#cp-2_smt.a.2"/>
           </part>
           <part id="cp-2_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02a.03"/>
-            <link rel="depends-on" href="#cp-2_smt.a.3"/>
             <part id="cp-2_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.03[01]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.3"/>
               <p>a contingency plan for the system is developed that addresses contingency roles;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.3"/>
             </part>
             <part id="cp-2_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.03[02]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.3"/>
               <p>a contingency plan for the system is developed that addresses contingency responsibilities;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.3"/>
             </part>
             <part id="cp-2_obj.a.3-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.03[03]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.3"/>
               <p>a contingency plan for the system is developed that addresses assigned individuals with contact information;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#cp-2_smt.a.3"/>
           </part>
           <part id="cp-2_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02a.04"/>
-            <link rel="depends-on" href="#cp-2_smt.a.4"/>
             <p>a contingency plan for the system is developed that addresses maintaining essential mission and business functions despite a system disruption, compromise, or failure;</p>
+            <link rel="depends-on" href="#cp-2_smt.a.4"/>
           </part>
           <part id="cp-2_obj.a.5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02a.05"/>
-            <link rel="depends-on" href="#cp-2_smt.a.5"/>
             <p>a contingency plan for the system is developed that addresses eventual, full-system restoration without deterioration of the controls originally planned and implemented;</p>
+            <link rel="depends-on" href="#cp-2_smt.a.5"/>
           </part>
           <part id="cp-2_obj.a.6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02a.06"/>
-            <link rel="depends-on" href="#cp-2_smt.a.6"/>
             <p>a contingency plan for the system is developed that addresses the sharing of contingency information;</p>
+            <link rel="depends-on" href="#cp-2_smt.a.6"/>
           </part>
           <part id="cp-2_obj.a.7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02a.07"/>
-            <link rel="depends-on" href="#cp-2_smt.a.7"/>
             <part id="cp-2_obj.a.7-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.07[01]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.7"/>
               <p>a contingency plan for the system is developed that is reviewed by <insert type="param" id-ref="cp-02_odp.01"/>;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.7"/>
             </part>
             <part id="cp-2_obj.a.7-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-02a.07[02]"/>
-              <link rel="depends-on" href="#cp-2_smt.a.7"/>
               <p>a contingency plan for the system is developed that is approved by <insert type="param" id-ref="cp-02_odp.02"/>;</p>
+              <link rel="depends-on" href="#cp-2_smt.a.7"/>
             </part>
+            <link rel="depends-on" href="#cp-2_smt.a.7"/>
           </part>
+          <link rel="depends-on" href="#cp-2_smt.a"/>
         </part>
         <part id="cp-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02b."/>
-          <link rel="depends-on" href="#cp-2_smt.b"/>
           <part id="cp-2_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02b.[01]"/>
-            <link rel="depends-on" href="#cp-2_smt.b"/>
             <p>copies of the contingency plan are distributed to <insert type="param" id-ref="cp-02_odp.03"/>;</p>
+            <link rel="depends-on" href="#cp-2_smt.b"/>
           </part>
           <part id="cp-2_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02b.[02]"/>
-            <link rel="depends-on" href="#cp-2_smt.b"/>
             <p>copies of the contingency plan are distributed to <insert type="param" id-ref="cp-02_odp.04"/>;</p>
+            <link rel="depends-on" href="#cp-2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cp-2_smt.b"/>
         </part>
         <part id="cp-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02c."/>
-          <link rel="depends-on" href="#cp-2_smt.c"/>
           <p>contingency planning activities are coordinated with incident handling activities;</p>
+          <link rel="depends-on" href="#cp-2_smt.c"/>
         </part>
         <part id="cp-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02d."/>
-          <link rel="depends-on" href="#cp-2_smt.d"/>
           <p>the contingency plan for the system is reviewed <insert type="param" id-ref="cp-02_odp.05"/>;</p>
+          <link rel="depends-on" href="#cp-2_smt.d"/>
         </part>
         <part id="cp-2_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02e."/>
-          <link rel="depends-on" href="#cp-2_smt.e"/>
           <part id="cp-2_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02e.[01]"/>
-            <link rel="depends-on" href="#cp-2_smt.e"/>
             <p>the contingency plan is updated to address changes to the organization, system, or environment of operation;</p>
+            <link rel="depends-on" href="#cp-2_smt.e"/>
           </part>
           <part id="cp-2_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02e.[02]"/>
-            <link rel="depends-on" href="#cp-2_smt.e"/>
             <p>the contingency plan is updated to address problems encountered during contingency plan implementation, execution, or testing;</p>
+            <link rel="depends-on" href="#cp-2_smt.e"/>
           </part>
+          <link rel="depends-on" href="#cp-2_smt.e"/>
         </part>
         <part id="cp-2_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02f."/>
-          <link rel="depends-on" href="#cp-2_smt.f"/>
           <part id="cp-2_obj.f-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02f.[01]"/>
-            <link rel="depends-on" href="#cp-2_smt.f"/>
             <p>contingency plan changes are communicated to <insert type="param" id-ref="cp-02_odp.06"/>;</p>
+            <link rel="depends-on" href="#cp-2_smt.f"/>
           </part>
           <part id="cp-2_obj.f-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02f.[02]"/>
-            <link rel="depends-on" href="#cp-2_smt.f"/>
             <p>contingency plan changes are communicated to <insert type="param" id-ref="cp-02_odp.07"/>;</p>
+            <link rel="depends-on" href="#cp-2_smt.f"/>
           </part>
+          <link rel="depends-on" href="#cp-2_smt.f"/>
         </part>
         <part id="cp-2_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02g."/>
-          <link rel="depends-on" href="#cp-2_smt.g"/>
           <part id="cp-2_obj.g-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02g.[01]"/>
-            <link rel="depends-on" href="#cp-2_smt.g"/>
             <p>lessons learned from contingency plan testing or actual contingency activities are incorporated into contingency testing;</p>
+            <link rel="depends-on" href="#cp-2_smt.g"/>
           </part>
           <part id="cp-2_obj.g-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02g.[02]"/>
-            <link rel="depends-on" href="#cp-2_smt.g"/>
             <p>lessons learned from contingency plan training or actual contingency activities are incorporated into contingency testing and training;</p>
+            <link rel="depends-on" href="#cp-2_smt.g"/>
           </part>
+          <link rel="depends-on" href="#cp-2_smt.g"/>
         </part>
         <part id="cp-2_obj.h" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02h."/>
-          <link rel="depends-on" href="#cp-2_smt.h"/>
           <part id="cp-2_obj.h-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02h.[01]"/>
-            <link rel="depends-on" href="#cp-2_smt.h"/>
             <p>the contingency plan is protected from unauthorized disclosure;</p>
+            <link rel="depends-on" href="#cp-2_smt.h"/>
           </part>
           <part id="cp-2_obj.h-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02h.[02]"/>
-            <link rel="depends-on" href="#cp-2_smt.h"/>
             <p>the contingency plan is protected from unauthorized modification.</p>
+            <link rel="depends-on" href="#cp-2_smt.h"/>
           </part>
+          <link rel="depends-on" href="#cp-2_smt.h"/>
         </part>
+        <link rel="depends-on" href="#cp-2_smt"/>
       </part>
       <part id="cp-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25025,8 +25025,8 @@
         </part>
         <part id="cp-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02(01)"/>
-          <link rel="depends-on" href="#cp-2.1_smt"/>
           <p>contingency plan development is coordinated with organizational elements responsible for related plans.</p>
+          <link rel="depends-on" href="#cp-2.1_smt"/>
         </part>
         <part id="cp-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25078,22 +25078,22 @@
         </part>
         <part id="cp-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02(02)"/>
-          <link rel="depends-on" href="#cp-2.2_smt"/>
           <part id="cp-2.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02(02)[01]"/>
-            <link rel="depends-on" href="#cp-2.2_smt"/>
             <p>capacity planning is conducted so that the necessary capacity exists during contingency operations for information processing;</p>
+            <link rel="depends-on" href="#cp-2.2_smt"/>
           </part>
           <part id="cp-2.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02(02)[02]"/>
-            <link rel="depends-on" href="#cp-2.2_smt"/>
             <p>capacity planning is conducted so that the necessary capacity exists during contingency operations for telecommunications;</p>
+            <link rel="depends-on" href="#cp-2.2_smt"/>
           </part>
           <part id="cp-2.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02(02)[03]"/>
-            <link rel="depends-on" href="#cp-2.2_smt"/>
             <p>capacity planning is conducted so that the necessary capacity exists during contingency operations for environmental support.</p>
+            <link rel="depends-on" href="#cp-2.2_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-2.2_smt"/>
         </part>
         <part id="cp-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25148,8 +25148,8 @@
         </part>
         <part id="cp-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02(03)"/>
-          <link rel="depends-on" href="#cp-2.3_smt"/>
           <p>the resumption of <insert type="param" id-ref="cp-02.03_odp.01"/> mission and business functions are planned for within <insert type="param" id-ref="cp-02.03_odp.02"/> of contingency plan activation.</p>
+          <link rel="depends-on" href="#cp-2.3_smt"/>
         </part>
         <part id="cp-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25214,17 +25214,17 @@
         </part>
         <part id="cp-2.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02(05)"/>
-          <link rel="depends-on" href="#cp-2.5_smt"/>
           <part id="cp-2.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02(05)[01]"/>
-            <link rel="depends-on" href="#cp-2.5_smt"/>
             <p>the continuance of <insert type="param" id-ref="cp-02.05_odp"/> mission and business functions with minimal or no loss of operational continuity is planned for;</p>
+            <link rel="depends-on" href="#cp-2.5_smt"/>
           </part>
           <part id="cp-2.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02(05)[02]"/>
-            <link rel="depends-on" href="#cp-2.5_smt"/>
             <p>continuity is sustained until full system restoration at primary processing and/or storage sites.</p>
+            <link rel="depends-on" href="#cp-2.5_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-2.5_smt"/>
         </part>
         <part id="cp-2.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25284,17 +25284,17 @@
         </part>
         <part id="cp-2.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02(06)"/>
-          <link rel="depends-on" href="#cp-2.6_smt"/>
           <part id="cp-2.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02(06)[01]"/>
-            <link rel="depends-on" href="#cp-2.6_smt"/>
             <p>the transfer of <insert type="param" id-ref="cp-02.06_odp"/> mission and business functions to alternate processing and/or storage sites with minimal or no loss of operational continuity is planned for;</p>
+            <link rel="depends-on" href="#cp-2.6_smt"/>
           </part>
           <part id="cp-2.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-02(06)[02]"/>
-            <link rel="depends-on" href="#cp-2.6_smt"/>
             <p>operational continuity is sustained until full system restoration at primary processing and/or storage sites.</p>
+            <link rel="depends-on" href="#cp-2.6_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-2.6_smt"/>
         </part>
         <part id="cp-2.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25345,8 +25345,8 @@
         </part>
         <part id="cp-2.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02(07)"/>
-          <link rel="depends-on" href="#cp-2.7_smt"/>
           <p>the contingency plan is coordinated with the contingency plans of external service providers to ensure that contingency requirements can be satisfied.</p>
+          <link rel="depends-on" href="#cp-2.7_smt"/>
         </part>
         <part id="cp-2.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25398,8 +25398,8 @@
         </part>
         <part id="cp-2.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-02(08)"/>
-          <link rel="depends-on" href="#cp-2.8_smt"/>
           <p>critical system assets supporting <insert type="param" id-ref="cp-02.08_odp"/> mission and business functions are identified.</p>
+          <link rel="depends-on" href="#cp-2.8_smt"/>
         </part>
         <part id="cp-2.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25500,40 +25500,40 @@
       </part>
       <part id="cp-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-03"/>
-        <link rel="depends-on" href="#cp-3_smt"/>
         <part id="cp-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-03a."/>
-          <link rel="depends-on" href="#cp-3_smt.a"/>
           <part id="cp-3_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-03a.01"/>
-            <link rel="depends-on" href="#cp-3_smt.a.1"/>
             <p>contingency training is provided to system users consistent with assigned roles and responsibilities within <insert type="param" id-ref="cp-03_odp.01"/> of assuming a contingency role or responsibility;</p>
+            <link rel="depends-on" href="#cp-3_smt.a.1"/>
           </part>
           <part id="cp-3_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-03a.02"/>
-            <link rel="depends-on" href="#cp-3_smt.a.2"/>
             <p>contingency training is provided to system users consistent with assigned roles and responsibilities when required by system changes;</p>
+            <link rel="depends-on" href="#cp-3_smt.a.2"/>
           </part>
           <part id="cp-3_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-03a.03"/>
-            <link rel="depends-on" href="#cp-3_smt.a.3"/>
             <p>contingency training is provided to system users consistent with assigned roles and responsibilities <insert type="param" id-ref="cp-03_odp.02"/> thereafter;</p>
+            <link rel="depends-on" href="#cp-3_smt.a.3"/>
           </part>
+          <link rel="depends-on" href="#cp-3_smt.a"/>
         </part>
         <part id="cp-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-03b."/>
-          <link rel="depends-on" href="#cp-3_smt.b"/>
           <part id="cp-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-03b.[01]"/>
-            <link rel="depends-on" href="#cp-3_smt.b"/>
             <p>the contingency plan training content is reviewed and updated <insert type="param" id-ref="cp-03_odp.03"/>;</p>
+            <link rel="depends-on" href="#cp-3_smt.b"/>
           </part>
           <part id="cp-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-03b.[02]"/>
-            <link rel="depends-on" href="#cp-3_smt.b"/>
             <p>the contingency plan training content is reviewed and updated following <insert type="param" id-ref="cp-03_odp.04"/>.</p>
+            <link rel="depends-on" href="#cp-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cp-3_smt.b"/>
         </part>
+        <link rel="depends-on" href="#cp-3_smt"/>
       </part>
       <part id="cp-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25580,8 +25580,8 @@
         </part>
         <part id="cp-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-03(01)"/>
-          <link rel="depends-on" href="#cp-3.1_smt"/>
           <p>simulated events are incorporated into contingency training to facilitate effective response by personnel in crisis situations.</p>
+          <link rel="depends-on" href="#cp-3.1_smt"/>
         </part>
         <part id="cp-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25629,8 +25629,8 @@
         </part>
         <part id="cp-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-03(02)"/>
-          <link rel="depends-on" href="#cp-3.2_smt"/>
           <p>mechanisms used in operations are employed to provide a more thorough and realistic contingency training environment.</p>
+          <link rel="depends-on" href="#cp-3.2_smt"/>
         </part>
         <part id="cp-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25730,36 +25730,36 @@
       </part>
       <part id="cp-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-04"/>
-        <link rel="depends-on" href="#cp-4_smt"/>
         <part id="cp-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04a."/>
-          <link rel="depends-on" href="#cp-4_smt.a"/>
           <part id="cp-4_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-04a.[01]"/>
-            <link rel="depends-on" href="#cp-4_smt.a"/>
             <p>the contingency plan for the system is tested <insert type="param" id-ref="cp-04_odp.01"/>;</p>
+            <link rel="depends-on" href="#cp-4_smt.a"/>
           </part>
           <part id="cp-4_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-04a.[02]"/>
-            <link rel="depends-on" href="#cp-4_smt.a"/>
             <p><insert type="param" id-ref="cp-04_odp.02"/> are used to determine the effectiveness of the plan;</p>
+            <link rel="depends-on" href="#cp-4_smt.a"/>
           </part>
           <part id="cp-4_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-04a.[03]"/>
-            <link rel="depends-on" href="#cp-4_smt.a"/>
             <p><insert type="param" id-ref="cp-04_odp.03"/> are used to determine the readiness to execute the plan;</p>
+            <link rel="depends-on" href="#cp-4_smt.a"/>
           </part>
+          <link rel="depends-on" href="#cp-4_smt.a"/>
         </part>
         <part id="cp-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04b."/>
-          <link rel="depends-on" href="#cp-4_smt.b"/>
           <p>the contingency plan test results are reviewed;</p>
+          <link rel="depends-on" href="#cp-4_smt.b"/>
         </part>
         <part id="cp-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04c."/>
-          <link rel="depends-on" href="#cp-4_smt.c"/>
           <p>corrective actions are initiated, if needed.</p>
+          <link rel="depends-on" href="#cp-4_smt.c"/>
         </part>
+        <link rel="depends-on" href="#cp-4_smt"/>
       </part>
       <part id="cp-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25808,8 +25808,8 @@
         </part>
         <part id="cp-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04(01)"/>
-          <link rel="depends-on" href="#cp-4.1_smt"/>
           <p>contingency plan testing is coordinated with organizational elements responsible for related plans.</p>
+          <link rel="depends-on" href="#cp-4.1_smt"/>
         </part>
         <part id="cp-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25866,17 +25866,17 @@
         </part>
         <part id="cp-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04(02)"/>
-          <link rel="depends-on" href="#cp-4.2_smt"/>
           <part id="cp-4.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-04(02)(a)"/>
-            <link rel="depends-on" href="#cp-4.2_smt.a"/>
             <p>the contingency plan is tested at the alternate processing site to familiarize contingency personnel with the facility and available resources;</p>
+            <link rel="depends-on" href="#cp-4.2_smt.a"/>
           </part>
           <part id="cp-4.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-04(02)(b)"/>
-            <link rel="depends-on" href="#cp-4.2_smt.b"/>
             <p>the contingency plan is tested at the alternate processing site to evaluate the capabilities of the alternate processing site to support contingency operations.</p>
+            <link rel="depends-on" href="#cp-4.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cp-4.2_smt"/>
         </part>
         <part id="cp-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25934,8 +25934,8 @@
         </part>
         <part id="cp-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04(03)"/>
-          <link rel="depends-on" href="#cp-4.3_smt"/>
           <p>the contingency plan is tested using <insert type="param" id-ref="cp-04.03_odp"/>.</p>
+          <link rel="depends-on" href="#cp-4.3_smt"/>
         </part>
         <part id="cp-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -25986,17 +25986,17 @@
         </part>
         <part id="cp-4.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04(04)"/>
-          <link rel="depends-on" href="#cp-4.4_smt"/>
           <part id="cp-4.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-04(04)[01]"/>
-            <link rel="depends-on" href="#cp-4.4_smt"/>
             <p>a full recovery of the system to a known state is included as part of contingency plan testing;</p>
+            <link rel="depends-on" href="#cp-4.4_smt"/>
           </part>
           <part id="cp-4.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-04(04)[02]"/>
-            <link rel="depends-on" href="#cp-4.4_smt"/>
             <p>a full reconstitution of the system to a known state is included as part of contingency plan testing.</p>
+            <link rel="depends-on" href="#cp-4.4_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-4.4_smt"/>
         </part>
         <part id="cp-4.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26063,8 +26063,8 @@
         </part>
         <part id="cp-4.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-04(05)"/>
-          <link rel="depends-on" href="#cp-4.5_smt"/>
           <p><insert type="param" id-ref="cp-04.05_odp.01"/> are employed to disrupt and adversely affect the <insert type="param" id-ref="cp-04.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#cp-4.5_smt"/>
         </part>
         <part id="cp-4.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26138,26 +26138,26 @@
       </part>
       <part id="cp-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-06"/>
-        <link rel="depends-on" href="#cp-6_smt"/>
         <part id="cp-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-06a."/>
-          <link rel="depends-on" href="#cp-6_smt.a"/>
           <part id="cp-6_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-06a.[01]"/>
-            <link rel="depends-on" href="#cp-6_smt.a"/>
             <p>an alternate storage site is established;</p>
+            <link rel="depends-on" href="#cp-6_smt.a"/>
           </part>
           <part id="cp-6_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-06a.[02]"/>
-            <link rel="depends-on" href="#cp-6_smt.a"/>
             <p>establishment of the alternate storage site includes necessary agreements to permit the storage and retrieval of system backup information;</p>
+            <link rel="depends-on" href="#cp-6_smt.a"/>
           </part>
+          <link rel="depends-on" href="#cp-6_smt.a"/>
         </part>
         <part id="cp-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-06b."/>
-          <link rel="depends-on" href="#cp-6_smt.b"/>
           <p>the alternate storage site provides controls equivalent to that of the primary site.</p>
+          <link rel="depends-on" href="#cp-6_smt.b"/>
         </part>
+        <link rel="depends-on" href="#cp-6_smt"/>
       </part>
       <part id="cp-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26205,8 +26205,8 @@
         </part>
         <part id="cp-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-06(01)"/>
-          <link rel="depends-on" href="#cp-6.1_smt"/>
           <p>an alternate storage site that is sufficiently separated from the primary storage site is identified to reduce susceptibility to the same threats.</p>
+          <link rel="depends-on" href="#cp-6.1_smt"/>
         </part>
         <part id="cp-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26247,17 +26247,17 @@
         </part>
         <part id="cp-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-06(02)"/>
-          <link rel="depends-on" href="#cp-6.2_smt"/>
           <part id="cp-6.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-06(02)[01]"/>
-            <link rel="depends-on" href="#cp-6.2_smt"/>
             <p>the alternate storage site is configured to facilitate recovery operations in accordance with recovery time objectives;</p>
+            <link rel="depends-on" href="#cp-6.2_smt"/>
           </part>
           <part id="cp-6.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-06(02)[02]"/>
-            <link rel="depends-on" href="#cp-6.2_smt"/>
             <p>the alternate storage site is configured to facilitate recovery operations in accordance with recovery point objectives.</p>
+            <link rel="depends-on" href="#cp-6.2_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-6.2_smt"/>
         </part>
         <part id="cp-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26307,17 +26307,17 @@
         </part>
         <part id="cp-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-06(03)"/>
-          <link rel="depends-on" href="#cp-6.3_smt"/>
           <part id="cp-6.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-06(03)[01]"/>
-            <link rel="depends-on" href="#cp-6.3_smt"/>
             <p>potential accessibility problems to the alternate storage site in the event of an area-wide disruption or disaster are identified;</p>
+            <link rel="depends-on" href="#cp-6.3_smt"/>
           </part>
           <part id="cp-6.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-06(03)[02]"/>
-            <link rel="depends-on" href="#cp-6.3_smt"/>
             <p>explicit mitigation actions to address identified accessibility problems are outlined.</p>
+            <link rel="depends-on" href="#cp-6.3_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-6.3_smt"/>
         </part>
         <part id="cp-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26400,31 +26400,31 @@
       </part>
       <part id="cp-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-07"/>
-        <link rel="depends-on" href="#cp-7_smt"/>
         <part id="cp-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07a."/>
-          <link rel="depends-on" href="#cp-7_smt.a"/>
           <p>an alternate processing site, including necessary agreements to permit the transfer and resumption of <insert type="param" id-ref="cp-07_odp.01"/> for essential mission and business functions, is established within <insert type="param" id-ref="cp-07_odp.02"/> when the primary processing capabilities are unavailable;</p>
+          <link rel="depends-on" href="#cp-7_smt.a"/>
         </part>
         <part id="cp-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07b."/>
-          <link rel="depends-on" href="#cp-7_smt.b"/>
           <part id="cp-7_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-07b.[01]"/>
-            <link rel="depends-on" href="#cp-7_smt.b"/>
             <p>the equipment and supplies required to transfer operations are made available at the alternate processing site or if contracts are in place to support delivery to the site within <insert type="param" id-ref="cp-07_odp.02"/> for transfer;</p>
+            <link rel="depends-on" href="#cp-7_smt.b"/>
           </part>
           <part id="cp-7_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-07b.[02]"/>
-            <link rel="depends-on" href="#cp-7_smt.b"/>
             <p>the equipment and supplies required to resume operations are made available at the alternate processing site or if contracts are in place to support delivery to the site within <insert type="param" id-ref="cp-07_odp.02"/> for resumption;</p>
+            <link rel="depends-on" href="#cp-7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cp-7_smt.b"/>
         </part>
         <part id="cp-7_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07c."/>
-          <link rel="depends-on" href="#cp-7_smt.c"/>
           <p>controls provided at the alternate processing site are equivalent to those at the primary site.</p>
+          <link rel="depends-on" href="#cp-7_smt.c"/>
         </part>
+        <link rel="depends-on" href="#cp-7_smt"/>
       </part>
       <part id="cp-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26474,8 +26474,8 @@
         </part>
         <part id="cp-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07(01)"/>
-          <link rel="depends-on" href="#cp-7.1_smt"/>
           <p>an alternate processing site that is sufficiently separated from the primary processing site to reduce susceptibility to the same threats is identified.</p>
+          <link rel="depends-on" href="#cp-7.1_smt"/>
         </part>
         <part id="cp-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26517,17 +26517,17 @@
         </part>
         <part id="cp-7.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07(02)"/>
-          <link rel="depends-on" href="#cp-7.2_smt"/>
           <part id="cp-7.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-07(02)[01]"/>
-            <link rel="depends-on" href="#cp-7.2_smt"/>
             <p>potential accessibility problems to alternate processing sites in the event of an area-wide disruption or disaster are identified;</p>
+            <link rel="depends-on" href="#cp-7.2_smt"/>
           </part>
           <part id="cp-7.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-07(02)[02]"/>
-            <link rel="depends-on" href="#cp-7.2_smt"/>
             <p>explicit mitigation actions to address identified accessibility problems are outlined.</p>
+            <link rel="depends-on" href="#cp-7.2_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-7.2_smt"/>
         </part>
         <part id="cp-7.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26568,8 +26568,8 @@
         </part>
         <part id="cp-7.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07(03)"/>
-          <link rel="depends-on" href="#cp-7.3_smt"/>
           <p>alternate processing site agreements that contain priority-of-service provisions in accordance with availability requirements (including recovery time objectives) are developed.</p>
+          <link rel="depends-on" href="#cp-7.3_smt"/>
         </part>
         <part id="cp-7.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26613,8 +26613,8 @@
         </part>
         <part id="cp-7.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07(04)"/>
-          <link rel="depends-on" href="#cp-7.4_smt"/>
           <p>the alternate processing site is prepared so that the site can serve as the operational site supporting essential mission and business functions.</p>
+          <link rel="depends-on" href="#cp-7.4_smt"/>
         </part>
         <part id="cp-7.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26670,17 +26670,17 @@
         </part>
         <part id="cp-7.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-07(06)"/>
-          <link rel="depends-on" href="#cp-7.6_smt"/>
           <part id="cp-7.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-07(06)[01]"/>
-            <link rel="depends-on" href="#cp-7.6_smt"/>
             <p>circumstances that preclude returning to the primary processing site are planned for;</p>
+            <link rel="depends-on" href="#cp-7.6_smt"/>
           </part>
           <part id="cp-7.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-07(06)[02]"/>
-            <link rel="depends-on" href="#cp-7.6_smt"/>
             <p>circumstances that preclude returning to the primary processing site are prepared for.</p>
+            <link rel="depends-on" href="#cp-7.6_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-7.6_smt"/>
         </part>
         <part id="cp-7.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26742,8 +26742,8 @@
       </part>
       <part id="cp-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-08"/>
-        <link rel="depends-on" href="#cp-8_smt"/>
         <p>alternate telecommunications services, including necessary agreements to permit the resumption of <insert type="param" id-ref="cp-08_odp.01"/> , are established for essential mission and business functions within <insert type="param" id-ref="cp-08_odp.02"/> when the primary telecommunications capabilities are unavailable at either the primary or alternate processing or storage sites.</p>
+        <link rel="depends-on" href="#cp-8_smt"/>
       </part>
       <part id="cp-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26797,26 +26797,26 @@
         </part>
         <part id="cp-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-08(01)"/>
-          <link rel="depends-on" href="#cp-8.1_smt"/>
           <part id="cp-8.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-08(01)(a)"/>
-            <link rel="depends-on" href="#cp-8.1_smt.a"/>
             <part id="cp-8.1_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-08(01)(a)[01]"/>
-              <link rel="depends-on" href="#cp-8.1_smt.a"/>
               <p>primary telecommunications service agreements that contain priority-of-service provisions in accordance with availability requirements (including recovery time objectives) are developed;</p>
+              <link rel="depends-on" href="#cp-8.1_smt.a"/>
             </part>
             <part id="cp-8.1_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-08(01)(a)[02]"/>
-              <link rel="depends-on" href="#cp-8.1_smt.a"/>
               <p>alternate telecommunications service agreements that contain priority-of-service provisions in accordance with availability requirements (including recovery time objectives) are developed;</p>
+              <link rel="depends-on" href="#cp-8.1_smt.a"/>
             </part>
+            <link rel="depends-on" href="#cp-8.1_smt.a"/>
           </part>
           <part id="cp-8.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-08(01)(b)"/>
-            <link rel="depends-on" href="#cp-8.1_smt.b"/>
             <p>Telecommunications Service Priority is requested for all telecommunications services used for national security emergency preparedness if the primary and/or alternate telecommunications services are provided by a common carrier.</p>
+            <link rel="depends-on" href="#cp-8.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#cp-8.1_smt"/>
         </part>
         <part id="cp-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26864,8 +26864,8 @@
         </part>
         <part id="cp-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-08(02)"/>
-          <link rel="depends-on" href="#cp-8.2_smt"/>
           <p>alternate telecommunications services to reduce the likelihood of sharing a single point of failure with primary telecommunications services are obtained.</p>
+          <link rel="depends-on" href="#cp-8.2_smt"/>
         </part>
         <part id="cp-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26905,8 +26905,8 @@
         </part>
         <part id="cp-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-08(03)"/>
-          <link rel="depends-on" href="#cp-8.3_smt"/>
           <p>alternate telecommunications services from providers that are separated from primary service providers are obtained to reduce susceptibility to the same threats.</p>
+          <link rel="depends-on" href="#cp-8.3_smt"/>
         </part>
         <part id="cp-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -26979,40 +26979,40 @@
         </part>
         <part id="cp-8.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-08(04)"/>
-          <link rel="depends-on" href="#cp-8.4_smt"/>
           <part id="cp-8.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-08(04)(a)"/>
-            <link rel="depends-on" href="#cp-8.4_smt.a"/>
             <part id="cp-8.4_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-08(04)(a)[01]"/>
-              <link rel="depends-on" href="#cp-8.4_smt.a"/>
               <p>primary telecommunications service providers are required to have contingency plans;</p>
+              <link rel="depends-on" href="#cp-8.4_smt.a"/>
             </part>
             <part id="cp-8.4_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-08(04)(a)[02]"/>
-              <link rel="depends-on" href="#cp-8.4_smt.a"/>
               <p>alternate telecommunications service providers are required to have contingency plans;</p>
+              <link rel="depends-on" href="#cp-8.4_smt.a"/>
             </part>
+            <link rel="depends-on" href="#cp-8.4_smt.a"/>
           </part>
           <part id="cp-8.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-08(04)(b)"/>
-            <link rel="depends-on" href="#cp-8.4_smt.b"/>
             <p>provider contingency plans are reviewed to ensure that the plans meet organizational contingency requirements;</p>
+            <link rel="depends-on" href="#cp-8.4_smt.b"/>
           </part>
           <part id="cp-8.4_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-08(04)(c)"/>
-            <link rel="depends-on" href="#cp-8.4_smt.c"/>
             <part id="cp-8.4_obj.c-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-08(04)(c)[01]"/>
-              <link rel="depends-on" href="#cp-8.4_smt.c"/>
               <p>evidence of contingency testing by providers is obtained <insert type="param" id-ref="cp-08.04_odp.01"/>.</p>
+              <link rel="depends-on" href="#cp-8.4_smt.c"/>
             </part>
             <part id="cp-8.4_obj.c-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="CP-08(04)(c)[02]"/>
-              <link rel="depends-on" href="#cp-8.4_smt.c"/>
               <p>evidence of contingency training by providers is obtained <insert type="param" id-ref="cp-08.04_odp.02"/>.</p>
+              <link rel="depends-on" href="#cp-8.4_smt.c"/>
             </part>
+            <link rel="depends-on" href="#cp-8.4_smt.c"/>
           </part>
+          <link rel="depends-on" href="#cp-8.4_smt"/>
         </part>
         <part id="cp-8.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27063,8 +27063,8 @@
         </part>
         <part id="cp-8.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-08(05)"/>
-          <link rel="depends-on" href="#cp-8.5_smt"/>
           <p>alternate telecommunications services are tested <insert type="param" id-ref="cp-08.05_odp"/>.</p>
+          <link rel="depends-on" href="#cp-8.5_smt"/>
         </part>
         <part id="cp-8.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27176,41 +27176,41 @@
       </part>
       <part id="cp-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-09"/>
-        <link rel="depends-on" href="#cp-9_smt"/>
         <part id="cp-9_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09a."/>
-          <link rel="depends-on" href="#cp-9_smt.a"/>
           <p>backups of user-level information contained in <insert type="param" id-ref="cp-09_odp.01"/> are conducted <insert type="param" id-ref="cp-09_odp.02"/>;</p>
+          <link rel="depends-on" href="#cp-9_smt.a"/>
         </part>
         <part id="cp-9_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09b."/>
-          <link rel="depends-on" href="#cp-9_smt.b"/>
           <p>backups of system-level information contained in the system are conducted <insert type="param" id-ref="cp-09_odp.03"/>;</p>
+          <link rel="depends-on" href="#cp-9_smt.b"/>
         </part>
         <part id="cp-9_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09c."/>
-          <link rel="depends-on" href="#cp-9_smt.c"/>
           <p>backups of system documentation, including security- and privacy-related documentation are conducted <insert type="param" id-ref="cp-09_odp.04"/>;</p>
+          <link rel="depends-on" href="#cp-9_smt.c"/>
         </part>
         <part id="cp-9_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09d."/>
-          <link rel="depends-on" href="#cp-9_smt.d"/>
           <part id="cp-9_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09d.[01]"/>
-            <link rel="depends-on" href="#cp-9_smt.d"/>
             <p>the confidentiality of backup information is protected;</p>
+            <link rel="depends-on" href="#cp-9_smt.d"/>
           </part>
           <part id="cp-9_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09d.[02]"/>
-            <link rel="depends-on" href="#cp-9_smt.d"/>
             <p>the integrity of backup information is protected;</p>
+            <link rel="depends-on" href="#cp-9_smt.d"/>
           </part>
           <part id="cp-9_obj.d-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09d.[03]"/>
-            <link rel="depends-on" href="#cp-9_smt.d"/>
             <p>the availability of backup information is protected.</p>
+            <link rel="depends-on" href="#cp-9_smt.d"/>
           </part>
+          <link rel="depends-on" href="#cp-9_smt.d"/>
         </part>
+        <link rel="depends-on" href="#cp-9_smt"/>
       </part>
       <part id="cp-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27277,17 +27277,17 @@
         </part>
         <part id="cp-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09(01)"/>
-          <link rel="depends-on" href="#cp-9.1_smt"/>
           <part id="cp-9.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09(01)[01]"/>
-            <link rel="depends-on" href="#cp-9.1_smt"/>
             <p>backup information is tested <insert type="param" id-ref="cp-09.01_odp.01"/> to verify media reliability;</p>
+            <link rel="depends-on" href="#cp-9.1_smt"/>
           </part>
           <part id="cp-9.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09(01)[02]"/>
-            <link rel="depends-on" href="#cp-9.1_smt"/>
             <p>backup information is tested <insert type="param" id-ref="cp-09.01_odp.02"/> to verify information integrity.</p>
+            <link rel="depends-on" href="#cp-9.1_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-9.1_smt"/>
         </part>
         <part id="cp-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27336,8 +27336,8 @@
         </part>
         <part id="cp-9.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09(02)"/>
-          <link rel="depends-on" href="#cp-9.2_smt"/>
           <p>a sample of backup information in the restoration of selected system functions is used as part of contingency plan testing.</p>
+          <link rel="depends-on" href="#cp-9.2_smt"/>
         </part>
         <part id="cp-9.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27397,8 +27397,8 @@
         </part>
         <part id="cp-9.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09(03)"/>
-          <link rel="depends-on" href="#cp-9.3_smt"/>
           <p>backup copies of <insert type="param" id-ref="cp-09.03_odp"/> are stored in a separate facility or in a fire rated container that is not collocated with the operational system.</p>
+          <link rel="depends-on" href="#cp-9.3_smt"/>
         </part>
         <part id="cp-9.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27470,17 +27470,17 @@
         </part>
         <part id="cp-9.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09(05)"/>
-          <link rel="depends-on" href="#cp-9.5_smt"/>
           <part id="cp-9.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09(05)[01]"/>
-            <link rel="depends-on" href="#cp-9.5_smt"/>
             <p>system backup information is transferred to the alternate storage site for <insert type="param" id-ref="cp-09.05_odp.01"/>;</p>
+            <link rel="depends-on" href="#cp-9.5_smt"/>
           </part>
           <part id="cp-9.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09(05)[02]"/>
-            <link rel="depends-on" href="#cp-9.5_smt"/>
             <p>system backup information is transferred to the alternate storage site <insert type="param" id-ref="cp-09.05_odp.02"/>.</p>
+            <link rel="depends-on" href="#cp-9.5_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-9.5_smt"/>
         </part>
         <part id="cp-9.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27530,17 +27530,17 @@
         </part>
         <part id="cp-9.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09(06)"/>
-          <link rel="depends-on" href="#cp-9.6_smt"/>
           <part id="cp-9.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09(06)[01]"/>
-            <link rel="depends-on" href="#cp-9.6_smt"/>
             <p>system backup is conducted by maintaining a redundant secondary system that is not collocated with the primary system;</p>
+            <link rel="depends-on" href="#cp-9.6_smt"/>
           </part>
           <part id="cp-9.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="CP-09(06)[02]"/>
-            <link rel="depends-on" href="#cp-9.6_smt"/>
             <p>system backup is conducted by maintaining a redundant secondary system that can be activated without loss of information or disruption to operations.</p>
+            <link rel="depends-on" href="#cp-9.6_smt"/>
           </part>
+          <link rel="depends-on" href="#cp-9.6_smt"/>
         </part>
         <part id="cp-9.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27603,8 +27603,8 @@
         </part>
         <part id="cp-9.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09(07)"/>
-          <link rel="depends-on" href="#cp-9.7_smt"/>
           <p>dual authorization for the deletion or destruction of <insert type="param" id-ref="cp-09.07_odp"/> is enforced.</p>
+          <link rel="depends-on" href="#cp-9.7_smt"/>
         </part>
         <part id="cp-9.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27664,8 +27664,8 @@
         </part>
         <part id="cp-9.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-09(08)"/>
-          <link rel="depends-on" href="#cp-9.8_smt"/>
           <p>cryptographic mechanisms are implemented to prevent unauthorized disclosure and modification of <insert type="param" id-ref="cp-09.08_odp"/>.</p>
+          <link rel="depends-on" href="#cp-9.8_smt"/>
         </part>
         <part id="cp-9.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27740,17 +27740,17 @@
       </part>
       <part id="cp-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-10"/>
-        <link rel="depends-on" href="#cp-10_smt"/>
         <part id="cp-10_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-10[01]"/>
-          <link rel="depends-on" href="#cp-10_smt"/>
           <p>the recovery of the system to a known state is provided within <insert type="param" id-ref="cp-10_odp.01"/> after a disruption, compromise, or failure;</p>
+          <link rel="depends-on" href="#cp-10_smt"/>
         </part>
         <part id="cp-10_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-10[02]"/>
-          <link rel="depends-on" href="#cp-10_smt"/>
           <p>a reconstitution of the system to a known state is provided within <insert type="param" id-ref="cp-10_odp.02"/> after a disruption, compromise, or failure.</p>
+          <link rel="depends-on" href="#cp-10_smt"/>
         </part>
+        <link rel="depends-on" href="#cp-10_smt"/>
       </part>
       <part id="cp-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27807,8 +27807,8 @@
         </part>
         <part id="cp-10.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-10(02)"/>
-          <link rel="depends-on" href="#cp-10.2_smt"/>
           <p>transaction recovery is implemented for systems that are transaction-based.</p>
+          <link rel="depends-on" href="#cp-10.2_smt"/>
         </part>
         <part id="cp-10.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27878,8 +27878,8 @@
         </part>
         <part id="cp-10.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-10(04)"/>
-          <link rel="depends-on" href="#cp-10.4_smt"/>
           <p>the capability to restore system components within <insert type="param" id-ref="cp-10.04_odp"/> from configuration-controlled and integrity-protected information representing a known, operational state for the components is provided.</p>
+          <link rel="depends-on" href="#cp-10.4_smt"/>
         </part>
         <part id="cp-10.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -27942,8 +27942,8 @@
         </part>
         <part id="cp-10.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="CP-10(06)"/>
-          <link rel="depends-on" href="#cp-10.6_smt"/>
           <p>system components used for recovery and reconstitution are protected.</p>
+          <link rel="depends-on" href="#cp-10.6_smt"/>
         </part>
         <part id="cp-10.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28005,8 +28005,8 @@
       </part>
       <part id="cp-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-11"/>
-        <link rel="depends-on" href="#cp-11_smt"/>
         <p>the capability to employ <insert type="param" id-ref="cp-11_odp"/> are provided in support of maintaining continuity of operations.</p>
+        <link rel="depends-on" href="#cp-11_smt"/>
       </part>
       <part id="cp-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28079,8 +28079,8 @@
       </part>
       <part id="cp-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-12"/>
-        <link rel="depends-on" href="#cp-12_smt"/>
         <p>a safe mode of operation is entered with <insert type="param" id-ref="cp-12_odp.01"/> when <insert type="param" id-ref="cp-12_odp.02"/> are detected.</p>
+        <link rel="depends-on" href="#cp-12_smt"/>
       </part>
       <part id="cp-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28153,8 +28153,8 @@
       </part>
       <part id="cp-13_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="CP-13"/>
-        <link rel="depends-on" href="#cp-13_smt"/>
         <p><insert type="param" id-ref="cp-13_odp.01"/> are employed for satisfying <insert type="param" id-ref="cp-13_odp.02"/> when the primary means of implementing the security function is unavailable or compromised.</p>
+        <link rel="depends-on" href="#cp-13_smt"/>
       </part>
       <part id="cp-13_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28324,116 +28324,116 @@
       </part>
       <part id="ia-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-01"/>
-        <link rel="depends-on" href="#ia-1_smt"/>
         <part id="ia-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-01a."/>
-          <link rel="depends-on" href="#ia-1_smt.a"/>
           <part id="ia-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-01a.[01]"/>
-            <link rel="depends-on" href="#ia-1_smt.a"/>
             <p>an identification and authentication policy is developed and documented;</p>
+            <link rel="depends-on" href="#ia-1_smt.a"/>
           </part>
           <part id="ia-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-01a.[02]"/>
-            <link rel="depends-on" href="#ia-1_smt.a"/>
             <p>the identification and authentication policy is disseminated to <insert type="param" id-ref="ia-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ia-1_smt.a"/>
           </part>
           <part id="ia-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-01a.[03]"/>
-            <link rel="depends-on" href="#ia-1_smt.a"/>
             <p>identification and authentication procedures to facilitate the implementation of the identification and authentication policy and associated identification and authentication controls are developed and documented;</p>
+            <link rel="depends-on" href="#ia-1_smt.a"/>
           </part>
           <part id="ia-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-01a.[04]"/>
-            <link rel="depends-on" href="#ia-1_smt.a"/>
             <p>the identification and authentication procedures are disseminated to <insert type="param" id-ref="ia-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ia-1_smt.a"/>
           </part>
           <part id="ia-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-01a.01"/>
-            <link rel="depends-on" href="#ia-1_smt.a.1"/>
             <part id="ia-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-01a.01(a)"/>
-              <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               <part id="ia-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IA-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy addresses purpose;</p>
+                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               </part>
               <part id="ia-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IA-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy addresses scope;</p>
+                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               </part>
               <part id="ia-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IA-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy addresses roles;</p>
+                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               </part>
               <part id="ia-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IA-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               </part>
               <part id="ia-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IA-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy addresses management commitment;</p>
+                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               </part>
               <part id="ia-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IA-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               </part>
               <part id="ia-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IA-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy addresses compliance;</p>
+                <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#ia-1_smt.a.1.a"/>
             </part>
             <part id="ia-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-01a.01(b)"/>
-              <link rel="depends-on" href="#ia-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="ia-01_odp.03"/> identification and authentication policy is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#ia-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#ia-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#ia-1_smt.a"/>
         </part>
         <part id="ia-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-01b."/>
-          <link rel="depends-on" href="#ia-1_smt.b"/>
           <p>the <insert type="param" id-ref="ia-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the identification and authentication policy and procedures;</p>
+          <link rel="depends-on" href="#ia-1_smt.b"/>
         </part>
         <part id="ia-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-01c."/>
-          <link rel="depends-on" href="#ia-1_smt.c"/>
           <part id="ia-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-01c.01"/>
-            <link rel="depends-on" href="#ia-1_smt.c.1"/>
             <part id="ia-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-01c.01[01]"/>
-              <link rel="depends-on" href="#ia-1_smt.c.1"/>
               <p>the current identification and authentication policy is reviewed and updated <insert type="param" id-ref="ia-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#ia-1_smt.c.1"/>
             </part>
             <part id="ia-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-01c.01[02]"/>
-              <link rel="depends-on" href="#ia-1_smt.c.1"/>
               <p>the current identification and authentication policy is reviewed and updated following <insert type="param" id-ref="ia-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#ia-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#ia-1_smt.c.1"/>
           </part>
           <part id="ia-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-01c.02"/>
-            <link rel="depends-on" href="#ia-1_smt.c.2"/>
             <part id="ia-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-01c.02[01]"/>
-              <link rel="depends-on" href="#ia-1_smt.c.2"/>
               <p>the current identification and authentication procedures are reviewed and updated <insert type="param" id-ref="ia-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#ia-1_smt.c.2"/>
             </part>
             <part id="ia-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-01c.02[02]"/>
-              <link rel="depends-on" href="#ia-1_smt.c.2"/>
               <p>the current identification and authentication procedures are reviewed and updated following <insert type="param" id-ref="ia-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#ia-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#ia-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ia-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ia-1_smt"/>
       </part>
       <part id="ia-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28507,17 +28507,17 @@
       </part>
       <part id="ia-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-02"/>
-        <link rel="depends-on" href="#ia-2_smt"/>
         <part id="ia-2_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02[01]"/>
-          <link rel="depends-on" href="#ia-2_smt"/>
           <p>organizational users are uniquely identified and authenticated;</p>
+          <link rel="depends-on" href="#ia-2_smt"/>
         </part>
         <part id="ia-2_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02[02]"/>
-          <link rel="depends-on" href="#ia-2_smt"/>
           <p>the unique identification of authenticated organizational users is associated with processes acting on behalf of those users.</p>
+          <link rel="depends-on" href="#ia-2_smt"/>
         </part>
+        <link rel="depends-on" href="#ia-2_smt"/>
       </part>
       <part id="ia-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28568,8 +28568,8 @@
         </part>
         <part id="ia-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(01)"/>
-          <link rel="depends-on" href="#ia-2.1_smt"/>
           <p>multi-factor authentication is implemented for access to privileged accounts.</p>
+          <link rel="depends-on" href="#ia-2.1_smt"/>
         </part>
         <part id="ia-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28620,8 +28620,8 @@
         </part>
         <part id="ia-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(02)"/>
-          <link rel="depends-on" href="#ia-2.2_smt"/>
           <p>multi-factor authentication for access to non-privileged accounts is implemented.</p>
+          <link rel="depends-on" href="#ia-2.2_smt"/>
         </part>
         <part id="ia-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28688,8 +28688,8 @@
         </part>
         <part id="ia-2.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(05)"/>
-          <link rel="depends-on" href="#ia-2.5_smt"/>
           <p>users are required to be individually authenticated before granting access to the shared accounts or resources when shared accounts or authenticators are employed.</p>
+          <link rel="depends-on" href="#ia-2.5_smt"/>
         </part>
         <part id="ia-2.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28773,17 +28773,17 @@
         </part>
         <part id="ia-2.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(06)"/>
-          <link rel="depends-on" href="#ia-2.6_smt"/>
           <part id="ia-2.6_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-02(06)(a)"/>
-            <link rel="depends-on" href="#ia-2.6_smt.a"/>
             <p>multi-factor authentication is implemented for <insert type="param" id-ref="ia-02.06_odp.01"/> access to <insert type="param" id-ref="ia-02.06_odp.02"/> such that one of the factors is provided by a device separate from the system gaining access;</p>
+            <link rel="depends-on" href="#ia-2.6_smt.a"/>
           </part>
           <part id="ia-2.6_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-02(06)(b)"/>
-            <link rel="depends-on" href="#ia-2.6_smt.b"/>
             <p>multi-factor authentication is implemented for <insert type="param" id-ref="ia-02.06_odp.01"/> access to <insert type="param" id-ref="ia-02.06_odp.02"/> such that the device meets <insert type="param" id-ref="ia-02.06_odp.03"/>.</p>
+            <link rel="depends-on" href="#ia-2.6_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ia-2.6_smt"/>
         </part>
         <part id="ia-2.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28849,8 +28849,8 @@
         </part>
         <part id="ia-2.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(08)"/>
-          <link rel="depends-on" href="#ia-2.8_smt"/>
           <p>replay-resistant authentication mechanisms for access to <insert type="param" id-ref="ia-02.08_odp"/> are implemented.</p>
+          <link rel="depends-on" href="#ia-2.8_smt"/>
         </part>
         <part id="ia-2.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28917,8 +28917,8 @@
         </part>
         <part id="ia-2.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(10)"/>
-          <link rel="depends-on" href="#ia-2.10_smt"/>
           <p>a single sign-on capability is provided for <insert type="param" id-ref="ia-02.10_odp"/>.</p>
+          <link rel="depends-on" href="#ia-2.10_smt"/>
         </part>
         <part id="ia-2.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -28978,8 +28978,8 @@
         </part>
         <part id="ia-2.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(12)"/>
-          <link rel="depends-on" href="#ia-2.12_smt"/>
           <p>Personal Identity Verification-compliant credentials are accepted and electronically verified.</p>
+          <link rel="depends-on" href="#ia-2.12_smt"/>
         </part>
         <part id="ia-2.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29050,8 +29050,8 @@
         </part>
         <part id="ia-2.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-02(13)"/>
-          <link rel="depends-on" href="#ia-2.13_smt"/>
           <p><insert type="param" id-ref="ia-02.13_odp.01"/> mechanisms are implemented under <insert type="param" id-ref="ia-02.13_odp.02"/>.</p>
+          <link rel="depends-on" href="#ia-2.13_smt"/>
         </part>
         <part id="ia-2.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29129,8 +29129,8 @@
       </part>
       <part id="ia-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-03"/>
-        <link rel="depends-on" href="#ia-3_smt"/>
         <p><insert type="param" id-ref="ia-03_odp.01"/> are uniquely identified and authenticated before establishing a <insert type="param" id-ref="ia-03_odp.02"/> connection.</p>
+        <link rel="depends-on" href="#ia-3_smt"/>
       </part>
       <part id="ia-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29198,8 +29198,8 @@
         </part>
         <part id="ia-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-03(01)"/>
-          <link rel="depends-on" href="#ia-3.1_smt"/>
           <p><insert type="param" id-ref="ia-03.01_odp.01"/> are authenticated before establishing <insert type="param" id-ref="ia-03.01_odp.02"/> connection using bidirectional authentication that is cryptographically based.</p>
+          <link rel="depends-on" href="#ia-3.1_smt"/>
         </part>
         <part id="ia-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29284,26 +29284,26 @@
         </part>
         <part id="ia-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-03(03)"/>
-          <link rel="depends-on" href="#ia-3.3_smt"/>
           <part id="ia-3.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-03(03)(a)"/>
-            <link rel="depends-on" href="#ia-3.3_smt.a"/>
             <part id="ia-3.3_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-03(03)(a)[01]"/>
-              <link rel="depends-on" href="#ia-3.3_smt.a"/>
               <p>dynamic address allocation lease information assigned to devices where addresses are allocated dynamically are standardized in accordance with <insert type="param" id-ref="ia-03.03_odp.01"/>;</p>
+              <link rel="depends-on" href="#ia-3.3_smt.a"/>
             </part>
             <part id="ia-3.3_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-03(03)(a)[02]"/>
-              <link rel="depends-on" href="#ia-3.3_smt.a"/>
               <p>dynamic address allocation lease duration assigned to devices where addresses are allocated dynamically are standardized in accordance with <insert type="param" id-ref="ia-03.03_odp.02"/>;</p>
+              <link rel="depends-on" href="#ia-3.3_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ia-3.3_smt.a"/>
           </part>
           <part id="ia-3.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-03(03)(b)"/>
-            <link rel="depends-on" href="#ia-3.3_smt.b"/>
             <p>lease information is audited when assigned to a device.</p>
+            <link rel="depends-on" href="#ia-3.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ia-3.3_smt"/>
         </part>
         <part id="ia-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29366,8 +29366,8 @@
         </part>
         <part id="ia-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-03(04)"/>
-          <link rel="depends-on" href="#ia-3.4_smt"/>
           <p>device identification and authentication are handled based on attestation by <insert type="param" id-ref="ia-03.04_odp"/>.</p>
+          <link rel="depends-on" href="#ia-3.4_smt"/>
         </part>
         <part id="ia-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29473,27 +29473,27 @@
       </part>
       <part id="ia-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-04"/>
-        <link rel="depends-on" href="#ia-4_smt"/>
         <part id="ia-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04a."/>
-          <link rel="depends-on" href="#ia-4_smt.a"/>
           <p>system identifiers are managed by receiving authorization from <insert type="param" id-ref="ia-04_odp.01"/> to assign to an individual, group, role, or device identifier;</p>
+          <link rel="depends-on" href="#ia-4_smt.a"/>
         </part>
         <part id="ia-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04b."/>
-          <link rel="depends-on" href="#ia-4_smt.b"/>
           <p>system identifiers are managed by selecting an identifier that identifies an individual, group, role, service, or device;</p>
+          <link rel="depends-on" href="#ia-4_smt.b"/>
         </part>
         <part id="ia-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04c."/>
-          <link rel="depends-on" href="#ia-4_smt.c"/>
           <p>system identifiers are managed by assigning the identifier to the intended individual, group, role, service, or device;</p>
+          <link rel="depends-on" href="#ia-4_smt.c"/>
         </part>
         <part id="ia-4_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04d."/>
-          <link rel="depends-on" href="#ia-4_smt.d"/>
           <p>system identifiers are managed by preventing reuse of identifiers for <insert type="param" id-ref="ia-04_odp.02"/>.</p>
+          <link rel="depends-on" href="#ia-4_smt.d"/>
         </part>
+        <link rel="depends-on" href="#ia-4_smt"/>
       </part>
       <part id="ia-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29544,8 +29544,8 @@
         </part>
         <part id="ia-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04(01)"/>
-          <link rel="depends-on" href="#ia-4.1_smt"/>
           <p>the use of system account identifiers that are the same as public identifiers is prohibited for individual accounts.</p>
+          <link rel="depends-on" href="#ia-4.1_smt"/>
         </part>
         <part id="ia-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29618,8 +29618,8 @@
         </part>
         <part id="ia-4.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04(04)"/>
-          <link rel="depends-on" href="#ia-4.4_smt"/>
           <p>individual identifiers are managed by uniquely identifying each individual as <insert type="param" id-ref="ia-04.04_odp"/>.</p>
+          <link rel="depends-on" href="#ia-4.4_smt"/>
         </part>
         <part id="ia-4.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29674,8 +29674,8 @@
         </part>
         <part id="ia-4.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04(05)"/>
-          <link rel="depends-on" href="#ia-4.5_smt"/>
           <p>individual identifiers are dynamically managed in accordance with <insert type="param" id-ref="ia-04.05_odp"/>.</p>
+          <link rel="depends-on" href="#ia-4.5_smt"/>
         </part>
         <part id="ia-4.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29735,8 +29735,8 @@
         </part>
         <part id="ia-4.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04(06)"/>
-          <link rel="depends-on" href="#ia-4.6_smt"/>
           <p>cross-organization management of identifiers is coordinated with <insert type="param" id-ref="ia-04.06_odp"/>.</p>
+          <link rel="depends-on" href="#ia-4.6_smt"/>
         </part>
         <part id="ia-4.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29789,8 +29789,8 @@
         </part>
         <part id="ia-4.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04(08)"/>
-          <link rel="depends-on" href="#ia-4.8_smt"/>
           <p>pairwise pseudonymous identifiers are generated.</p>
+          <link rel="depends-on" href="#ia-4.8_smt"/>
         </part>
         <part id="ia-4.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29846,8 +29846,8 @@
         </part>
         <part id="ia-4.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-04(09)"/>
-          <link rel="depends-on" href="#ia-4.9_smt"/>
           <p>the attributes for each uniquely identified individual, device, or service are maintained in <insert type="param" id-ref="ia-04.09_odp"/>.</p>
+          <link rel="depends-on" href="#ia-4.9_smt"/>
         </part>
         <part id="ia-4.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -29974,61 +29974,61 @@
       </part>
       <part id="ia-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-05"/>
-        <link rel="depends-on" href="#ia-5_smt"/>
         <part id="ia-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05a."/>
-          <link rel="depends-on" href="#ia-5_smt.a"/>
           <p>system authenticators are managed through the verification of the identity of the individual, group, role, service, or device receiving the authenticator as part of the initial authenticator distribution;</p>
+          <link rel="depends-on" href="#ia-5_smt.a"/>
         </part>
         <part id="ia-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05b."/>
-          <link rel="depends-on" href="#ia-5_smt.b"/>
           <p>system authenticators are managed through the establishment of initial authenticator content for any authenticators issued by the organization;</p>
+          <link rel="depends-on" href="#ia-5_smt.b"/>
         </part>
         <part id="ia-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05c."/>
-          <link rel="depends-on" href="#ia-5_smt.c"/>
           <p>system authenticators are managed to ensure that authenticators have sufficient strength of mechanism for their intended use;</p>
+          <link rel="depends-on" href="#ia-5_smt.c"/>
         </part>
         <part id="ia-5_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05d."/>
-          <link rel="depends-on" href="#ia-5_smt.d"/>
           <p>system authenticators are managed through the establishment and implementation of administrative procedures for initial authenticator distribution; lost, compromised, or damaged authenticators; and the revocation of authenticators;</p>
+          <link rel="depends-on" href="#ia-5_smt.d"/>
         </part>
         <part id="ia-5_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05e."/>
-          <link rel="depends-on" href="#ia-5_smt.e"/>
           <p>system authenticators are managed through the change of default authenticators prior to first use;</p>
+          <link rel="depends-on" href="#ia-5_smt.e"/>
         </part>
         <part id="ia-5_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05f."/>
-          <link rel="depends-on" href="#ia-5_smt.f"/>
           <p>system authenticators are managed through the change or refreshment of authenticators <insert type="param" id-ref="ia-05_odp.01"/> or when <insert type="param" id-ref="ia-05_odp.02"/> occur;</p>
+          <link rel="depends-on" href="#ia-5_smt.f"/>
         </part>
         <part id="ia-5_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05g."/>
-          <link rel="depends-on" href="#ia-5_smt.g"/>
           <p>system authenticators are managed through the protection of authenticator content from unauthorized disclosure and modification;</p>
+          <link rel="depends-on" href="#ia-5_smt.g"/>
         </part>
         <part id="ia-5_obj.h" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05h."/>
-          <link rel="depends-on" href="#ia-5_smt.h"/>
           <part id="ia-5_obj.h-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05h.[01]"/>
-            <link rel="depends-on" href="#ia-5_smt.h"/>
             <p>system authenticators are managed through the requirement for individuals to take specific controls to protect authenticators;</p>
+            <link rel="depends-on" href="#ia-5_smt.h"/>
           </part>
           <part id="ia-5_obj.h-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05h.[02]"/>
-            <link rel="depends-on" href="#ia-5_smt.h"/>
             <p>system authenticators are managed through the requirement for devices to implement specific controls to protect authenticators;</p>
+            <link rel="depends-on" href="#ia-5_smt.h"/>
           </part>
+          <link rel="depends-on" href="#ia-5_smt.h"/>
         </part>
         <part id="ia-5_obj.i" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05i."/>
-          <link rel="depends-on" href="#ia-5_smt.i"/>
           <p>system authenticators are managed through the change of authenticators for group or role accounts when membership to those accounts changes.</p>
+          <link rel="depends-on" href="#ia-5_smt.i"/>
         </part>
+        <link rel="depends-on" href="#ia-5_smt"/>
       </part>
       <part id="ia-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30126,47 +30126,47 @@
         </part>
         <part id="ia-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(01)"/>
-          <link rel="depends-on" href="#ia-5.1_smt"/>
           <part id="ia-5.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(a)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.a"/>
             <p>for password-based authentication, a list of commonly used, expected, or compromised passwords is maintained and updated <insert type="param" id-ref="ia-05.01_odp.01"/> and when organizational passwords are suspected to have been compromised directly or indirectly;</p>
+            <link rel="depends-on" href="#ia-5.1_smt.a"/>
           </part>
           <part id="ia-5.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(b)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.b"/>
             <p>for password-based authentication when passwords are created or updated by users, the passwords are verified not to be found on the list of commonly used, expected, or compromised passwords in IA-05(01)(a);</p>
+            <link rel="depends-on" href="#ia-5.1_smt.b"/>
           </part>
           <part id="ia-5.1_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(c)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.c"/>
             <p>for password-based authentication, passwords are only transmitted over cryptographically protected channels;</p>
+            <link rel="depends-on" href="#ia-5.1_smt.c"/>
           </part>
           <part id="ia-5.1_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(d)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.d"/>
             <p>for password-based authentication, passwords are stored using an approved salted key derivation function, preferably using a keyed hash;</p>
+            <link rel="depends-on" href="#ia-5.1_smt.d"/>
           </part>
           <part id="ia-5.1_obj.e" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(e)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.e"/>
             <p>for password-based authentication, immediate selection of a new password is required upon account recovery;</p>
+            <link rel="depends-on" href="#ia-5.1_smt.e"/>
           </part>
           <part id="ia-5.1_obj.f" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(f)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.f"/>
             <p>for password-based authentication, user selection of long passwords and passphrases is allowed, including spaces and all printable characters;</p>
+            <link rel="depends-on" href="#ia-5.1_smt.f"/>
           </part>
           <part id="ia-5.1_obj.g" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(g)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.g"/>
             <p>for password-based authentication, automated tools are employed to assist the user in selecting strong password authenticators;</p>
+            <link rel="depends-on" href="#ia-5.1_smt.g"/>
           </part>
           <part id="ia-5.1_obj.h" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(01)(h)"/>
-            <link rel="depends-on" href="#ia-5.1_smt.h"/>
             <p>for password-based authentication, <insert type="param" id-ref="ia-05.01_odp.02"/> are enforced.</p>
+            <link rel="depends-on" href="#ia-5.1_smt.h"/>
           </part>
+          <link rel="depends-on" href="#ia-5.1_smt"/>
         </part>
         <part id="ia-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30240,35 +30240,35 @@
         </part>
         <part id="ia-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(02)"/>
-          <link rel="depends-on" href="#ia-5.2_smt"/>
           <part id="ia-5.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(02)(a)"/>
-            <link rel="depends-on" href="#ia-5.2_smt.a"/>
             <part id="ia-5.2_obj.a.1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-05(02)(a)(01)"/>
-              <link rel="depends-on" href="#ia-5.2_smt.a.1"/>
               <p>authorized access to the corresponding private key is enforced for public key-based authentication;</p>
+              <link rel="depends-on" href="#ia-5.2_smt.a.1"/>
             </part>
             <part id="ia-5.2_obj.a.2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-05(02)(a)(02)"/>
-              <link rel="depends-on" href="#ia-5.2_smt.a.2"/>
               <p>the authenticated identity is mapped to the account of the individual or group for public key-based authentication;</p>
+              <link rel="depends-on" href="#ia-5.2_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#ia-5.2_smt.a"/>
           </part>
           <part id="ia-5.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(02)(b)"/>
-            <link rel="depends-on" href="#ia-5.2_smt.b"/>
             <part id="ia-5.2_obj.b.1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-05(02)(b)(01)"/>
-              <link rel="depends-on" href="#ia-5.2_smt.b.1"/>
               <p>when public key infrastructure (PKI) is used, certificates are validated by constructing and verifying a certification path to an accepted trust anchor, including checking certificate status information;</p>
+              <link rel="depends-on" href="#ia-5.2_smt.b.1"/>
             </part>
             <part id="ia-5.2_obj.b.2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-05(02)(b)(02)"/>
-              <link rel="depends-on" href="#ia-5.2_smt.b.2"/>
               <p>when public key infrastructure (PKI) is used, a local cache of revocation data is implemented to support path discovery and validation.</p>
+              <link rel="depends-on" href="#ia-5.2_smt.b.2"/>
             </part>
+            <link rel="depends-on" href="#ia-5.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ia-5.2_smt"/>
         </part>
         <part id="ia-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30333,8 +30333,8 @@
         </part>
         <part id="ia-5.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(05)"/>
-          <link rel="depends-on" href="#ia-5.5_smt"/>
           <p>developers and installers of system components are required to provide unique authenticators or change default authenticators prior to delivery and installation.</p>
+          <link rel="depends-on" href="#ia-5.5_smt"/>
         </part>
         <part id="ia-5.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30383,8 +30383,8 @@
         </part>
         <part id="ia-5.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(06)"/>
-          <link rel="depends-on" href="#ia-5.6_smt"/>
           <p>authenticators are protected commensurate with the security category of the information to which use of the authenticator permits access.</p>
+          <link rel="depends-on" href="#ia-5.6_smt"/>
         </part>
         <part id="ia-5.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30433,8 +30433,8 @@
         </part>
         <part id="ia-5.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(07)"/>
-          <link rel="depends-on" href="#ia-5.7_smt"/>
           <p>unencrypted static authenticators are not embedded in applications or other forms of static storage.</p>
+          <link rel="depends-on" href="#ia-5.7_smt"/>
         </part>
         <part id="ia-5.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30493,8 +30493,8 @@
         </part>
         <part id="ia-5.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(08)"/>
-          <link rel="depends-on" href="#ia-5.8_smt"/>
           <p><insert type="param" id-ref="ia-05.08_odp"/> are implemented to manage the risk of compromise due to individuals having accounts on multiple systems.</p>
+          <link rel="depends-on" href="#ia-5.8_smt"/>
         </part>
         <part id="ia-5.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30550,8 +30550,8 @@
         </part>
         <part id="ia-5.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(09)"/>
-          <link rel="depends-on" href="#ia-5.9_smt"/>
           <p><insert type="param" id-ref="ia-05.09_odp"/> are used to federate credentials.</p>
+          <link rel="depends-on" href="#ia-5.9_smt"/>
         </part>
         <part id="ia-5.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30607,8 +30607,8 @@
         </part>
         <part id="ia-5.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(10)"/>
-          <link rel="depends-on" href="#ia-5.10_smt"/>
           <p>identities and authenticators are dynamically bound using <insert type="param" id-ref="ia-05.10_odp"/>.</p>
+          <link rel="depends-on" href="#ia-5.10_smt"/>
         </part>
         <part id="ia-5.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30675,8 +30675,8 @@
         </part>
         <part id="ia-5.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(12)"/>
-          <link rel="depends-on" href="#ia-5.12_smt"/>
           <p>mechanisms that satisfy <insert type="param" id-ref="ia-05.12_odp"/> are employed for biometric-based authentication.</p>
+          <link rel="depends-on" href="#ia-5.12_smt"/>
         </part>
         <part id="ia-5.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30734,8 +30734,8 @@
         </part>
         <part id="ia-5.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(13)"/>
-          <link rel="depends-on" href="#ia-5.13_smt"/>
           <p>the use of cached authenticators is prohibited after <insert type="param" id-ref="ia-05.13_odp"/>.</p>
+          <link rel="depends-on" href="#ia-5.13_smt"/>
         </part>
         <part id="ia-5.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30783,8 +30783,8 @@
         </part>
         <part id="ia-5.14_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(14)"/>
-          <link rel="depends-on" href="#ia-5.14_smt"/>
           <p>an organization-wide methodology for managing the content of PKI trust stores is employed across all platforms, including networks, operating systems, browsers, and applications for PKI-based authentication.</p>
+          <link rel="depends-on" href="#ia-5.14_smt"/>
         </part>
         <part id="ia-5.14_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30835,8 +30835,8 @@
         </part>
         <part id="ia-5.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(15)"/>
-          <link rel="depends-on" href="#ia-5.15_smt"/>
           <p>only General Services Administration-approved products and services are used for identity, credential, and access management.</p>
+          <link rel="depends-on" href="#ia-5.15_smt"/>
         </part>
         <part id="ia-5.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30918,8 +30918,8 @@
         </part>
         <part id="ia-5.16_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(16)"/>
-          <link rel="depends-on" href="#ia-5.16_smt"/>
           <p>the issuance of <insert type="param" id-ref="ia-05.16_odp.01"/> is required to be conducted <insert type="param" id-ref="ia-05.16_odp.02"/> before <insert type="param" id-ref="ia-05.16_odp.03"/> with authorization by <insert type="param" id-ref="ia-05.16_odp.04"/>.</p>
+          <link rel="depends-on" href="#ia-5.16_smt"/>
         </part>
         <part id="ia-5.16_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -30969,8 +30969,8 @@
         </part>
         <part id="ia-5.17_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(17)"/>
-          <link rel="depends-on" href="#ia-5.17_smt"/>
           <p>presentation attack detection mechanisms are employed for biometric-based authentication.</p>
+          <link rel="depends-on" href="#ia-5.17_smt"/>
         </part>
         <part id="ia-5.17_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31042,17 +31042,17 @@
         </part>
         <part id="ia-5.18_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-05(18)"/>
-          <link rel="depends-on" href="#ia-5.18_smt"/>
           <part id="ia-5.18_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(18)(a)"/>
-            <link rel="depends-on" href="#ia-5.18_smt.a"/>
             <p><insert type="param" id-ref="ia-05.18_odp.01"/> are employed to generate and manage passwords;</p>
+            <link rel="depends-on" href="#ia-5.18_smt.a"/>
           </part>
           <part id="ia-5.18_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-05(18)(b)"/>
-            <link rel="depends-on" href="#ia-5.18_smt.b"/>
             <p>the passwords are protected using <insert type="param" id-ref="ia-05.18_odp.02"/>.</p>
+            <link rel="depends-on" href="#ia-5.18_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ia-5.18_smt"/>
         </part>
         <part id="ia-5.18_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31102,8 +31102,8 @@
       </part>
       <part id="ia-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-06"/>
-        <link rel="depends-on" href="#ia-6_smt"/>
         <p>the feedback of authentication information is obscured during the authentication process to protect the information from possible exploitation and use by unauthorized individuals.</p>
+        <link rel="depends-on" href="#ia-6_smt"/>
       </part>
       <part id="ia-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31155,8 +31155,8 @@
       </part>
       <part id="ia-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-07"/>
-        <link rel="depends-on" href="#ia-7_smt"/>
         <p>mechanisms for authentication to a cryptographic module are implemented that meet the requirements of applicable laws, executive orders, directives, policies, regulations, standards, and guidelines for such authentication.</p>
+        <link rel="depends-on" href="#ia-7_smt"/>
       </part>
       <part id="ia-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31225,8 +31225,8 @@
       </part>
       <part id="ia-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-08"/>
-        <link rel="depends-on" href="#ia-8_smt"/>
         <p>non-organizational users or processes acting on behalf of non-organizational users are uniquely identified and authenticated.</p>
+        <link rel="depends-on" href="#ia-8_smt"/>
       </part>
       <part id="ia-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31276,17 +31276,17 @@
         </part>
         <part id="ia-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-08(01)"/>
-          <link rel="depends-on" href="#ia-8.1_smt"/>
           <part id="ia-8.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-08(01)[01]"/>
-            <link rel="depends-on" href="#ia-8.1_smt"/>
             <p>Personal Identity Verification-compliant credentials from other federal agencies are accepted;</p>
+            <link rel="depends-on" href="#ia-8.1_smt"/>
           </part>
           <part id="ia-8.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-08(01)[02]"/>
-            <link rel="depends-on" href="#ia-8.1_smt"/>
             <p>Personal Identity Verification-compliant credentials from other federal agencies are electronically verified.</p>
+            <link rel="depends-on" href="#ia-8.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ia-8.1_smt"/>
         </part>
         <part id="ia-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31346,26 +31346,26 @@
         </part>
         <part id="ia-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-08(02)"/>
-          <link rel="depends-on" href="#ia-8.2_smt"/>
           <part id="ia-8.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-08(02)(a)"/>
-            <link rel="depends-on" href="#ia-8.2_smt.a"/>
             <p>only external authenticators that are NIST-compliant are accepted;</p>
+            <link rel="depends-on" href="#ia-8.2_smt.a"/>
           </part>
           <part id="ia-8.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-08(02)(b)"/>
-            <link rel="depends-on" href="#ia-8.2_smt.b"/>
             <part id="ia-8.2_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-08(02)(b)[01]"/>
-              <link rel="depends-on" href="#ia-8.2_smt.b"/>
               <p>a list of accepted external authenticators is documented;</p>
+              <link rel="depends-on" href="#ia-8.2_smt.b"/>
             </part>
             <part id="ia-8.2_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IA-08(02)(b)[02]"/>
-              <link rel="depends-on" href="#ia-8.2_smt.b"/>
               <p>a list of accepted external authenticators is maintained.</p>
+              <link rel="depends-on" href="#ia-8.2_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ia-8.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ia-8.2_smt"/>
         </part>
         <part id="ia-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31435,8 +31435,8 @@
         </part>
         <part id="ia-8.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-08(04)"/>
-          <link rel="depends-on" href="#ia-8.4_smt"/>
           <p>there is conformance with <insert type="param" id-ref="ia-08.04_odp"/> for identity management.</p>
+          <link rel="depends-on" href="#ia-8.4_smt"/>
         </part>
         <part id="ia-8.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31493,17 +31493,17 @@
         </part>
         <part id="ia-8.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-08(05)"/>
-          <link rel="depends-on" href="#ia-8.5_smt"/>
           <part id="ia-8.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-08(05)[01]"/>
-            <link rel="depends-on" href="#ia-8.5_smt"/>
             <p>federated or PKI credentials that meet <insert type="param" id-ref="ia-08.05_odp"/> are accepted;</p>
+            <link rel="depends-on" href="#ia-8.5_smt"/>
           </part>
           <part id="ia-8.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-08(05)[02]"/>
-            <link rel="depends-on" href="#ia-8.5_smt"/>
             <p>federated or PKI credentials that meet <insert type="param" id-ref="ia-08.05_odp"/> are verified.</p>
+            <link rel="depends-on" href="#ia-8.5_smt"/>
           </part>
+          <link rel="depends-on" href="#ia-8.5_smt"/>
         </part>
         <part id="ia-8.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31564,8 +31564,8 @@
         </part>
         <part id="ia-8.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-08(06)"/>
-          <link rel="depends-on" href="#ia-8.6_smt"/>
           <p><insert type="param" id-ref="ia-08.06_odp"/> to disassociate user attributes or identifier assertion relationships among individuals, credential service providers, and relying parties are implemented.</p>
+          <link rel="depends-on" href="#ia-8.6_smt"/>
         </part>
         <part id="ia-8.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31628,8 +31628,8 @@
       </part>
       <part id="ia-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-09"/>
-        <link rel="depends-on" href="#ia-9_smt"/>
         <p><insert type="param" id-ref="ia-09_odp"/> are uniquely identified and authenticated before establishing communications with devices, users, or other services or applications.</p>
+        <link rel="depends-on" href="#ia-9_smt"/>
       </part>
       <part id="ia-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31713,8 +31713,8 @@
       </part>
       <part id="ia-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-10"/>
-        <link rel="depends-on" href="#ia-10_smt"/>
         <p>individuals accessing the system are required to employ <insert type="param" id-ref="ia-10_odp.01"/> under specific <insert type="param" id-ref="ia-10_odp.02"/>.</p>
+        <link rel="depends-on" href="#ia-10_smt"/>
       </part>
       <part id="ia-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31779,8 +31779,8 @@
       </part>
       <part id="ia-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-11"/>
-        <link rel="depends-on" href="#ia-11_smt"/>
         <p>users are required to re-authenticate when <insert type="param" id-ref="ia-11_odp"/>.</p>
+        <link rel="depends-on" href="#ia-11_smt"/>
       </part>
       <part id="ia-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31852,36 +31852,36 @@
       </part>
       <part id="ia-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IA-12"/>
-        <link rel="depends-on" href="#ia-12_smt"/>
         <part id="ia-12_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12a."/>
-          <link rel="depends-on" href="#ia-12_smt.a"/>
           <p>users who require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines are identity proofed;</p>
+          <link rel="depends-on" href="#ia-12_smt.a"/>
         </part>
         <part id="ia-12_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12b."/>
-          <link rel="depends-on" href="#ia-12_smt.b"/>
           <p>user identities are resolved to a unique individual;</p>
+          <link rel="depends-on" href="#ia-12_smt.b"/>
         </part>
         <part id="ia-12_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12c."/>
-          <link rel="depends-on" href="#ia-12_smt.c"/>
           <part id="ia-12_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-12c.[01]"/>
-            <link rel="depends-on" href="#ia-12_smt.c"/>
             <p>identity evidence is collected;</p>
+            <link rel="depends-on" href="#ia-12_smt.c"/>
           </part>
           <part id="ia-12_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-12c.[02]"/>
-            <link rel="depends-on" href="#ia-12_smt.c"/>
             <p>identity evidence is validated;</p>
+            <link rel="depends-on" href="#ia-12_smt.c"/>
           </part>
           <part id="ia-12_obj.c-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IA-12c.[03]"/>
-            <link rel="depends-on" href="#ia-12_smt.c"/>
             <p>identity evidence is verified.</p>
+            <link rel="depends-on" href="#ia-12_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ia-12_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ia-12_smt"/>
       </part>
       <part id="ia-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31928,8 +31928,8 @@
         </part>
         <part id="ia-12.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12(01)"/>
-          <link rel="depends-on" href="#ia-12.1_smt"/>
           <p>the registration process to receive an account for logical access includes supervisor or sponsor authorization.</p>
+          <link rel="depends-on" href="#ia-12.1_smt"/>
         </part>
         <part id="ia-12.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -31975,8 +31975,8 @@
         </part>
         <part id="ia-12.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12(02)"/>
-          <link rel="depends-on" href="#ia-12.2_smt"/>
           <p>evidence of individual identification is presented to the registration authority.</p>
+          <link rel="depends-on" href="#ia-12.2_smt"/>
         </part>
         <part id="ia-12.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32031,8 +32031,8 @@
         </part>
         <part id="ia-12.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12(03)"/>
-          <link rel="depends-on" href="#ia-12.3_smt"/>
           <p>the presented identity evidence is validated and verified through <insert type="param" id-ref="ia-12.03_odp"/>.</p>
+          <link rel="depends-on" href="#ia-12.3_smt"/>
         </part>
         <part id="ia-12.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32078,8 +32078,8 @@
         </part>
         <part id="ia-12.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12(04)"/>
-          <link rel="depends-on" href="#ia-12.4_smt"/>
           <p>the validation and verification of identity evidence is conducted in person before a designated registration authority.</p>
+          <link rel="depends-on" href="#ia-12.4_smt"/>
         </part>
         <part id="ia-12.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32134,8 +32134,8 @@
         </part>
         <part id="ia-12.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12(05)"/>
-          <link rel="depends-on" href="#ia-12.5_smt"/>
           <p>a <insert type="param" id-ref="ia-12.05_odp"/> is delivered through an out-of-band channel to verify the user’s address (physical or digital) of record.</p>
+          <link rel="depends-on" href="#ia-12.5_smt"/>
         </part>
         <part id="ia-12.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32193,8 +32193,8 @@
         </part>
         <part id="ia-12.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IA-12(06)"/>
-          <link rel="depends-on" href="#ia-12.6_smt"/>
           <p>externally proofed identities are accepted <insert type="param" id-ref="ia-12.06_odp"/>.</p>
+          <link rel="depends-on" href="#ia-12.6_smt"/>
         </part>
         <part id="ia-12.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32358,116 +32358,116 @@
       </part>
       <part id="ir-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-01"/>
-        <link rel="depends-on" href="#ir-1_smt"/>
         <part id="ir-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-01a."/>
-          <link rel="depends-on" href="#ir-1_smt.a"/>
           <part id="ir-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-01a.[01]"/>
-            <link rel="depends-on" href="#ir-1_smt.a"/>
             <p>an incident response policy is developed and documented;</p>
+            <link rel="depends-on" href="#ir-1_smt.a"/>
           </part>
           <part id="ir-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-01a.[02]"/>
-            <link rel="depends-on" href="#ir-1_smt.a"/>
             <p>the incident response policy is disseminated to <insert type="param" id-ref="ir-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ir-1_smt.a"/>
           </part>
           <part id="ir-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-01a.[03]"/>
-            <link rel="depends-on" href="#ir-1_smt.a"/>
             <p>incident response procedures to facilitate the implementation of the incident response policy and associated incident response controls are developed and documented;</p>
+            <link rel="depends-on" href="#ir-1_smt.a"/>
           </part>
           <part id="ir-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-01a.[04]"/>
-            <link rel="depends-on" href="#ir-1_smt.a"/>
             <p>the incident response procedures are disseminated to <insert type="param" id-ref="ir-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ir-1_smt.a"/>
           </part>
           <part id="ir-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-01a.01"/>
-            <link rel="depends-on" href="#ir-1_smt.a.1"/>
             <part id="ir-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-01a.01(a)"/>
-              <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               <part id="ir-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IR-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy addresses purpose;</p>
+                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               </part>
               <part id="ir-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IR-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy addresses scope;</p>
+                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               </part>
               <part id="ir-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IR-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy addresses roles;</p>
+                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               </part>
               <part id="ir-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IR-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               </part>
               <part id="ir-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IR-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy addresses management commitment;</p>
+                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               </part>
               <part id="ir-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IR-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               </part>
               <part id="ir-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="IR-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy addresses compliance;</p>
+                <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#ir-1_smt.a.1.a"/>
             </part>
             <part id="ir-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-01a.01(b)"/>
-              <link rel="depends-on" href="#ir-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="ir-01_odp.03"/> incident response policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#ir-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#ir-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#ir-1_smt.a"/>
         </part>
         <part id="ir-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-01b."/>
-          <link rel="depends-on" href="#ir-1_smt.b"/>
           <p>the <insert type="param" id-ref="ir-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the incident response policy and procedures;</p>
+          <link rel="depends-on" href="#ir-1_smt.b"/>
         </part>
         <part id="ir-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-01c."/>
-          <link rel="depends-on" href="#ir-1_smt.c"/>
           <part id="ir-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-01c.01"/>
-            <link rel="depends-on" href="#ir-1_smt.c.1"/>
             <part id="ir-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-01c.01[01]"/>
-              <link rel="depends-on" href="#ir-1_smt.c.1"/>
               <p>the current incident response policy is reviewed and updated <insert type="param" id-ref="ir-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#ir-1_smt.c.1"/>
             </part>
             <part id="ir-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-01c.01[02]"/>
-              <link rel="depends-on" href="#ir-1_smt.c.1"/>
               <p>the current incident response policy is reviewed and updated following <insert type="param" id-ref="ir-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#ir-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#ir-1_smt.c.1"/>
           </part>
           <part id="ir-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-01c.02"/>
-            <link rel="depends-on" href="#ir-1_smt.c.2"/>
             <part id="ir-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-01c.02[01]"/>
-              <link rel="depends-on" href="#ir-1_smt.c.2"/>
               <p>the current incident response procedures are reviewed and updated <insert type="param" id-ref="ir-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#ir-1_smt.c.2"/>
             </part>
             <part id="ir-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-01c.02[02]"/>
-              <link rel="depends-on" href="#ir-1_smt.c.2"/>
               <p>the current incident response procedures are reviewed and updated following <insert type="param" id-ref="ir-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#ir-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#ir-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ir-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ir-1_smt"/>
       </part>
       <part id="ir-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32564,40 +32564,40 @@
       </part>
       <part id="ir-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-02"/>
-        <link rel="depends-on" href="#ir-2_smt"/>
         <part id="ir-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-02a."/>
-          <link rel="depends-on" href="#ir-2_smt.a"/>
           <part id="ir-2_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-02a.01"/>
-            <link rel="depends-on" href="#ir-2_smt.a.1"/>
             <p>incident response training is provided to system users consistent with assigned roles and responsibilities within <insert type="param" id-ref="ir-02_odp.01"/> of assuming an incident response role or responsibility or acquiring system access;</p>
+            <link rel="depends-on" href="#ir-2_smt.a.1"/>
           </part>
           <part id="ir-2_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-02a.02"/>
-            <link rel="depends-on" href="#ir-2_smt.a.2"/>
             <p>incident response training is provided to system users consistent with assigned roles and responsibilities when required by system changes;</p>
+            <link rel="depends-on" href="#ir-2_smt.a.2"/>
           </part>
           <part id="ir-2_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-02a.03"/>
-            <link rel="depends-on" href="#ir-2_smt.a.3"/>
             <p>incident response training is provided to system users consistent with assigned roles and responsibilities <insert type="param" id-ref="ir-02_odp.02"/> thereafter;</p>
+            <link rel="depends-on" href="#ir-2_smt.a.3"/>
           </part>
+          <link rel="depends-on" href="#ir-2_smt.a"/>
         </part>
         <part id="ir-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-02b."/>
-          <link rel="depends-on" href="#ir-2_smt.b"/>
           <part id="ir-2_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-02b.[01]"/>
-            <link rel="depends-on" href="#ir-2_smt.b"/>
             <p>incident response training content is reviewed and updated <insert type="param" id-ref="ir-02_odp.03"/>;</p>
+            <link rel="depends-on" href="#ir-2_smt.b"/>
           </part>
           <part id="ir-2_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-02b.[02]"/>
-            <link rel="depends-on" href="#ir-2_smt.b"/>
             <p>incident response training content is reviewed and updated following <insert type="param" id-ref="ir-02_odp.04"/>.</p>
+            <link rel="depends-on" href="#ir-2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ir-2_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ir-2_smt"/>
       </part>
       <part id="ir-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32639,8 +32639,8 @@
         </part>
         <part id="ir-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-02(01)"/>
-          <link rel="depends-on" href="#ir-2.1_smt"/>
           <p>simulated events are incorporated into incident response training to facilitate the required response by personnel in crisis situations.</p>
+          <link rel="depends-on" href="#ir-2.1_smt"/>
         </part>
         <part id="ir-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32696,8 +32696,8 @@
         </part>
         <part id="ir-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-02(02)"/>
-          <link rel="depends-on" href="#ir-2.2_smt"/>
           <p>an incident response training environment is provided using <insert type="param" id-ref="ir-02.02_odp"/>.</p>
+          <link rel="depends-on" href="#ir-2.2_smt"/>
         </part>
         <part id="ir-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32746,17 +32746,17 @@
         </part>
         <part id="ir-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-02(03)"/>
-          <link rel="depends-on" href="#ir-2.3_smt"/>
           <part id="ir-2.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-02(03)[01]"/>
-            <link rel="depends-on" href="#ir-2.3_smt"/>
             <p>incident response training on how to identify and respond to a breach is provided;</p>
+            <link rel="depends-on" href="#ir-2.3_smt"/>
           </part>
           <part id="ir-2.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-02(03)[02]"/>
-            <link rel="depends-on" href="#ir-2.3_smt"/>
             <p>incident response training on the organization’s process for reporting a breach is provided.</p>
+            <link rel="depends-on" href="#ir-2.3_smt"/>
           </part>
+          <link rel="depends-on" href="#ir-2.3_smt"/>
         </part>
         <part id="ir-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32826,8 +32826,8 @@
       </part>
       <part id="ir-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-03"/>
-        <link rel="depends-on" href="#ir-3_smt"/>
         <p>the effectiveness of the incident response capability for the system is tested <insert type="param" id-ref="ir-03_odp.01"/> using <insert type="param" id-ref="ir-03_odp.02"/>.</p>
+        <link rel="depends-on" href="#ir-3_smt"/>
       </part>
       <part id="ir-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32879,8 +32879,8 @@
         </part>
         <part id="ir-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-03(01)"/>
-          <link rel="depends-on" href="#ir-3.1_smt"/>
           <p>the incident response capability is tested using <insert type="param" id-ref="ir-03.01_odp"/>.</p>
+          <link rel="depends-on" href="#ir-3.1_smt"/>
         </part>
         <part id="ir-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32932,8 +32932,8 @@
         </part>
         <part id="ir-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-03(02)"/>
-          <link rel="depends-on" href="#ir-3.2_smt"/>
           <p>incident response testing is coordinated with organizational elements responsible for related plans.</p>
+          <link rel="depends-on" href="#ir-3.2_smt"/>
         </part>
         <part id="ir-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -32994,69 +32994,69 @@
         </part>
         <part id="ir-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-03(03)"/>
-          <link rel="depends-on" href="#ir-3.3_smt"/>
           <part id="ir-3.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-03(03)(a)"/>
-            <link rel="depends-on" href="#ir-3.3_smt.a"/>
             <part id="ir-3.3_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(a)[01]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.a"/>
               <p>qualitative data from testing are used to determine the effectiveness of incident response processes;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.a"/>
             </part>
             <part id="ir-3.3_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(a)[02]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.a"/>
               <p>quantitative data from testing are used to determine the effectiveness of incident response processes;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ir-3.3_smt.a"/>
           </part>
           <part id="ir-3.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-03(03)(b)"/>
-            <link rel="depends-on" href="#ir-3.3_smt.b"/>
             <part id="ir-3.3_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(b)[01]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.b"/>
               <p>qualitative data from testing are used to continuously improve incident response processes;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.b"/>
             </part>
             <part id="ir-3.3_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(b)[02]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.b"/>
               <p>quantitative data from testing are used to continuously improve incident response processes;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ir-3.3_smt.b"/>
           </part>
           <part id="ir-3.3_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-03(03)(c)"/>
-            <link rel="depends-on" href="#ir-3.3_smt.c"/>
             <part id="ir-3.3_obj.c-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(c)[01]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.c"/>
               <p>qualitative data from testing are used to provide incident response measures and metrics that are accurate;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.c"/>
             </part>
             <part id="ir-3.3_obj.c-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(c)[02]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.c"/>
               <p>quantitative data from testing are used to provide incident response measures and metrics that are accurate;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.c"/>
             </part>
             <part id="ir-3.3_obj.c-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(c)[03]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.c"/>
               <p>qualitative data from testing are used to provide incident response measures and metrics that are consistent;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.c"/>
             </part>
             <part id="ir-3.3_obj.c-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(c)[04]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.c"/>
               <p>quantitative data from testing are used to provide incident response measures and metrics that are consistent;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.c"/>
             </part>
             <part id="ir-3.3_obj.c-5" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(c)[05]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.c"/>
               <p>qualitative data from testing are used to provide incident response measures and metrics in a reproducible format;</p>
+              <link rel="depends-on" href="#ir-3.3_smt.c"/>
             </part>
             <part id="ir-3.3_obj.c-6" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="IR-03(03)(c)[06]"/>
-              <link rel="depends-on" href="#ir-3.3_smt.c"/>
               <p>quantitative data from testing are used to provide incident response measures and metrics in a reproducible format.</p>
+              <link rel="depends-on" href="#ir-3.3_smt.c"/>
             </part>
+            <link rel="depends-on" href="#ir-3.3_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ir-3.3_smt"/>
         </part>
         <part id="ir-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33150,84 +33150,84 @@
       </part>
       <part id="ir-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-04"/>
-        <link rel="depends-on" href="#ir-4_smt"/>
         <part id="ir-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04a."/>
-          <link rel="depends-on" href="#ir-4_smt.a"/>
           <part id="ir-4_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04a.[01]"/>
-            <link rel="depends-on" href="#ir-4_smt.a"/>
             <p>an incident handling capability for incidents is implemented that is consistent with the incident response plan;</p>
+            <link rel="depends-on" href="#ir-4_smt.a"/>
           </part>
           <part id="ir-4_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04a.[02]"/>
-            <link rel="depends-on" href="#ir-4_smt.a"/>
             <p>the incident handling capability for incidents includes preparation;</p>
+            <link rel="depends-on" href="#ir-4_smt.a"/>
           </part>
           <part id="ir-4_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04a.[03]"/>
-            <link rel="depends-on" href="#ir-4_smt.a"/>
             <p>the incident handling capability for incidents includes detection and analysis;</p>
+            <link rel="depends-on" href="#ir-4_smt.a"/>
           </part>
           <part id="ir-4_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04a.[04]"/>
-            <link rel="depends-on" href="#ir-4_smt.a"/>
             <p>the incident handling capability for incidents includes containment;</p>
+            <link rel="depends-on" href="#ir-4_smt.a"/>
           </part>
           <part id="ir-4_obj.a-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04a.[05]"/>
-            <link rel="depends-on" href="#ir-4_smt.a"/>
             <p>the incident handling capability for incidents includes eradication;</p>
+            <link rel="depends-on" href="#ir-4_smt.a"/>
           </part>
           <part id="ir-4_obj.a-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04a.[06]"/>
-            <link rel="depends-on" href="#ir-4_smt.a"/>
             <p>the incident handling capability for incidents includes recovery;</p>
+            <link rel="depends-on" href="#ir-4_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ir-4_smt.a"/>
         </part>
         <part id="ir-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04b."/>
-          <link rel="depends-on" href="#ir-4_smt.b"/>
           <p>incident handling activities are coordinated with contingency planning activities;</p>
+          <link rel="depends-on" href="#ir-4_smt.b"/>
         </part>
         <part id="ir-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04c."/>
-          <link rel="depends-on" href="#ir-4_smt.c"/>
           <part id="ir-4_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04c.[01]"/>
-            <link rel="depends-on" href="#ir-4_smt.c"/>
             <p>lessons learned from ongoing incident handling activities are incorporated into incident response procedures, training, and testing;</p>
+            <link rel="depends-on" href="#ir-4_smt.c"/>
           </part>
           <part id="ir-4_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04c.[02]"/>
-            <link rel="depends-on" href="#ir-4_smt.c"/>
             <p>the changes resulting from the incorporated lessons learned are implemented accordingly;</p>
+            <link rel="depends-on" href="#ir-4_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ir-4_smt.c"/>
         </part>
         <part id="ir-4_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04d."/>
-          <link rel="depends-on" href="#ir-4_smt.d"/>
           <part id="ir-4_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04d.[01]"/>
-            <link rel="depends-on" href="#ir-4_smt.d"/>
             <p>the rigor of incident handling activities is comparable and predictable across the organization;</p>
+            <link rel="depends-on" href="#ir-4_smt.d"/>
           </part>
           <part id="ir-4_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04d.[02]"/>
-            <link rel="depends-on" href="#ir-4_smt.d"/>
             <p>the intensity of incident handling activities is comparable and predictable across the organization;</p>
+            <link rel="depends-on" href="#ir-4_smt.d"/>
           </part>
           <part id="ir-4_obj.d-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04d.[03]"/>
-            <link rel="depends-on" href="#ir-4_smt.d"/>
             <p>the scope of incident handling activities is comparable and predictable across the organization;</p>
+            <link rel="depends-on" href="#ir-4_smt.d"/>
           </part>
           <part id="ir-4_obj.d-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04d.[04]"/>
-            <link rel="depends-on" href="#ir-4_smt.d"/>
             <p>the results of incident handling activities are comparable and predictable across the organization.</p>
+            <link rel="depends-on" href="#ir-4_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ir-4_smt.d"/>
         </part>
+        <link rel="depends-on" href="#ir-4_smt"/>
       </part>
       <part id="ir-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33282,8 +33282,8 @@
         </part>
         <part id="ir-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(01)"/>
-          <link rel="depends-on" href="#ir-4.1_smt"/>
           <p>the incident handling process is supported using <insert type="param" id-ref="ir-04.01_odp"/>.</p>
+          <link rel="depends-on" href="#ir-4.1_smt"/>
         </part>
         <part id="ir-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33350,8 +33350,8 @@
         </part>
         <part id="ir-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(02)"/>
-          <link rel="depends-on" href="#ir-4.2_smt"/>
           <p><insert type="param" id-ref="ir-04.02_odp.01"/> for <insert type="param" id-ref="ir-04.02_odp.02"/> are included as part of the incident response capability.</p>
+          <link rel="depends-on" href="#ir-4.2_smt"/>
         </part>
         <part id="ir-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33417,17 +33417,17 @@
         </part>
         <part id="ir-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(03)"/>
-          <link rel="depends-on" href="#ir-4.3_smt"/>
           <part id="ir-4.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(03)[01]"/>
-            <link rel="depends-on" href="#ir-4.3_smt"/>
             <p><insert type="param" id-ref="ir-04.03_odp.01"/> are identified;</p>
+            <link rel="depends-on" href="#ir-4.3_smt"/>
           </part>
           <part id="ir-4.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(03)[02]"/>
-            <link rel="depends-on" href="#ir-4.3_smt"/>
             <p><insert type="param" id-ref="ir-04.03_odp.02"/> are taken in response to those incidents (defined in IR-04(03)_ODP[01]) to ensure the continuation of organizational mission and business functions.</p>
+            <link rel="depends-on" href="#ir-4.3_smt"/>
           </part>
+          <link rel="depends-on" href="#ir-4.3_smt"/>
         </part>
         <part id="ir-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33474,8 +33474,8 @@
         </part>
         <part id="ir-4.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(04)"/>
-          <link rel="depends-on" href="#ir-4.4_smt"/>
           <p>incident information and individual incident responses are correlated to achieve an organization-wide perspective on incident awareness and response.</p>
+          <link rel="depends-on" href="#ir-4.4_smt"/>
         </part>
         <part id="ir-4.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33542,8 +33542,8 @@
         </part>
         <part id="ir-4.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(05)"/>
-          <link rel="depends-on" href="#ir-4.5_smt"/>
           <p>a configurable capability is implemented to automatically disable the system if <insert type="param" id-ref="ir-04.05_odp"/> are detected.</p>
+          <link rel="depends-on" href="#ir-4.5_smt"/>
         </part>
         <part id="ir-4.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33593,8 +33593,8 @@
         </part>
         <part id="ir-4.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(06)"/>
-          <link rel="depends-on" href="#ir-4.6_smt"/>
           <p>an incident handling capability is implemented for incidents involving insider threats.</p>
+          <link rel="depends-on" href="#ir-4.6_smt"/>
         </part>
         <part id="ir-4.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33650,17 +33650,17 @@
         </part>
         <part id="ir-4.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(07)"/>
-          <link rel="depends-on" href="#ir-4.7_smt"/>
           <part id="ir-4.7_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(07)[01]"/>
-            <link rel="depends-on" href="#ir-4.7_smt"/>
             <p>an incident handling capability is coordinated for insider threats;</p>
+            <link rel="depends-on" href="#ir-4.7_smt"/>
           </part>
           <part id="ir-4.7_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(07)[02]"/>
-            <link rel="depends-on" href="#ir-4.7_smt"/>
             <p>the coordinated incident handling capability includes <insert type="param" id-ref="ir-04.07_odp"/>.</p>
+            <link rel="depends-on" href="#ir-4.7_smt"/>
           </part>
+          <link rel="depends-on" href="#ir-4.7_smt"/>
         </part>
         <part id="ir-4.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33726,8 +33726,8 @@
         </part>
         <part id="ir-4.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(08)"/>
-          <link rel="depends-on" href="#ir-4.8_smt"/>
           <p>there is coordination with <insert type="param" id-ref="ir-04.08_odp.01"/> to correlate and share <insert type="param" id-ref="ir-04.08_odp.02"/> to achieve a cross-organization perspective on incident awareness and more effective incident responses.</p>
+          <link rel="depends-on" href="#ir-4.8_smt"/>
         </part>
         <part id="ir-4.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33783,8 +33783,8 @@
         </part>
         <part id="ir-4.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(09)"/>
-          <link rel="depends-on" href="#ir-4.9_smt"/>
           <p><insert type="param" id-ref="ir-04.09_odp"/> are employed to respond to incidents.</p>
+          <link rel="depends-on" href="#ir-4.9_smt"/>
         </part>
         <part id="ir-4.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33837,8 +33837,8 @@
         </part>
         <part id="ir-4.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(10)"/>
-          <link rel="depends-on" href="#ir-4.10_smt"/>
           <p>incident handling activities involving supply chain events are coordinated with other organizations involved in the supply chain.</p>
+          <link rel="depends-on" href="#ir-4.10_smt"/>
         </part>
         <part id="ir-4.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33893,17 +33893,17 @@
         </part>
         <part id="ir-4.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(11)"/>
-          <link rel="depends-on" href="#ir-4.11_smt"/>
           <part id="ir-4.11_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(11)[01]"/>
-            <link rel="depends-on" href="#ir-4.11_smt"/>
             <p>an integrated incident response team is established and maintained;</p>
+            <link rel="depends-on" href="#ir-4.11_smt"/>
           </part>
           <part id="ir-4.11_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(11)[02]"/>
-            <link rel="depends-on" href="#ir-4.11_smt"/>
             <p>the integrated incident response team can be deployed to any location identified by the organization in <insert type="param" id-ref="ir-04.11_odp"/>.</p>
+            <link rel="depends-on" href="#ir-4.11_smt"/>
           </part>
+          <link rel="depends-on" href="#ir-4.11_smt"/>
         </part>
         <part id="ir-4.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -33943,17 +33943,17 @@
         </part>
         <part id="ir-4.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(12)"/>
-          <link rel="depends-on" href="#ir-4.12_smt"/>
           <part id="ir-4.12_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(12)[01]"/>
-            <link rel="depends-on" href="#ir-4.12_smt"/>
             <p>malicious code remaining in the system is analyzed after the incident;</p>
+            <link rel="depends-on" href="#ir-4.12_smt"/>
           </part>
           <part id="ir-4.12_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(12)[02]"/>
-            <link rel="depends-on" href="#ir-4.12_smt"/>
             <p>other residual artifacts remaining in the system (if any) are analyzed after the incident.</p>
+            <link rel="depends-on" href="#ir-4.12_smt"/>
           </part>
+          <link rel="depends-on" href="#ir-4.12_smt"/>
         </part>
         <part id="ir-4.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34016,8 +34016,8 @@
         </part>
         <part id="ir-4.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(13)"/>
-          <link rel="depends-on" href="#ir-4.13_smt"/>
           <p>anomalous or suspected adversarial behavior in or related to <insert type="param" id-ref="ir-04.13_odp"/> are analyzed.</p>
+          <link rel="depends-on" href="#ir-4.13_smt"/>
         </part>
         <part id="ir-4.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34070,17 +34070,17 @@
         </part>
         <part id="ir-4.14_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(14)"/>
-          <link rel="depends-on" href="#ir-4.14_smt"/>
           <part id="ir-4.14_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(14)[01]"/>
-            <link rel="depends-on" href="#ir-4.14_smt"/>
             <p>a security operations center is established;</p>
+            <link rel="depends-on" href="#ir-4.14_smt"/>
           </part>
           <part id="ir-4.14_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(14)[02]"/>
-            <link rel="depends-on" href="#ir-4.14_smt"/>
             <p>a security operations center is maintained.</p>
+            <link rel="depends-on" href="#ir-4.14_smt"/>
           </part>
+          <link rel="depends-on" href="#ir-4.14_smt"/>
         </part>
         <part id="ir-4.14_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34138,17 +34138,17 @@
         </part>
         <part id="ir-4.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-04(15)"/>
-          <link rel="depends-on" href="#ir-4.15_smt"/>
           <part id="ir-4.15_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(15)(a)"/>
-            <link rel="depends-on" href="#ir-4.15_smt.a"/>
             <p>public relations associated with an incident are managed;</p>
+            <link rel="depends-on" href="#ir-4.15_smt.a"/>
           </part>
           <part id="ir-4.15_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-04(15)(b)"/>
-            <link rel="depends-on" href="#ir-4.15_smt.b"/>
             <p>measures are employed to repair the reputation of the organization.</p>
+            <link rel="depends-on" href="#ir-4.15_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ir-4.15_smt"/>
         </part>
         <part id="ir-4.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34201,17 +34201,17 @@
       </part>
       <part id="ir-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-05"/>
-        <link rel="depends-on" href="#ir-5_smt"/>
         <part id="ir-5_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-05[01]"/>
-          <link rel="depends-on" href="#ir-5_smt"/>
           <p>incidents are tracked;</p>
+          <link rel="depends-on" href="#ir-5_smt"/>
         </part>
         <part id="ir-5_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-05[02]"/>
-          <link rel="depends-on" href="#ir-5_smt"/>
           <p>incidents are documented.</p>
+          <link rel="depends-on" href="#ir-5_smt"/>
         </part>
+        <link rel="depends-on" href="#ir-5_smt"/>
       </part>
       <part id="ir-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34285,22 +34285,22 @@
         </part>
         <part id="ir-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-05(01)"/>
-          <link rel="depends-on" href="#ir-5.1_smt"/>
           <part id="ir-5.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-05(01)[01]"/>
-            <link rel="depends-on" href="#ir-5.1_smt"/>
             <p>incidents are tracked using <insert type="param" id-ref="ir-05.01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ir-5.1_smt"/>
           </part>
           <part id="ir-5.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-05(01)[02]"/>
-            <link rel="depends-on" href="#ir-5.1_smt"/>
             <p>incident information is collected using <insert type="param" id-ref="ir-05.01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ir-5.1_smt"/>
           </part>
           <part id="ir-5.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-05(01)[03]"/>
-            <link rel="depends-on" href="#ir-5.1_smt"/>
             <p>incident information is analyzed using <insert type="param" id-ref="ir-05.01_odp.03"/>.</p>
+            <link rel="depends-on" href="#ir-5.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ir-5.1_smt"/>
         </part>
         <part id="ir-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34379,17 +34379,17 @@
       </part>
       <part id="ir-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-06"/>
-        <link rel="depends-on" href="#ir-6_smt"/>
         <part id="ir-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-06a."/>
-          <link rel="depends-on" href="#ir-6_smt.a"/>
           <p>personnel is/are required to report suspected incidents to the organizational incident response capability within <insert type="param" id-ref="ir-06_odp.01"/>;</p>
+          <link rel="depends-on" href="#ir-6_smt.a"/>
         </part>
         <part id="ir-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-06b."/>
-          <link rel="depends-on" href="#ir-6_smt.b"/>
           <p>incident information is reported to <insert type="param" id-ref="ir-06_odp.02"/>.</p>
+          <link rel="depends-on" href="#ir-6_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ir-6_smt"/>
       </part>
       <part id="ir-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34447,8 +34447,8 @@
         </part>
         <part id="ir-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-06(01)"/>
-          <link rel="depends-on" href="#ir-6.1_smt"/>
           <p>incidents are reported using <insert type="param" id-ref="ir-06.01_odp"/>.</p>
+          <link rel="depends-on" href="#ir-6.1_smt"/>
         </part>
         <part id="ir-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34504,8 +34504,8 @@
         </part>
         <part id="ir-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-06(02)"/>
-          <link rel="depends-on" href="#ir-6.2_smt"/>
           <p>system vulnerabilities associated with reported incidents are reported to <insert type="param" id-ref="ir-06.02_odp"/>.</p>
+          <link rel="depends-on" href="#ir-6.2_smt"/>
         </part>
         <part id="ir-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34555,8 +34555,8 @@
         </part>
         <part id="ir-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-06(03)"/>
-          <link rel="depends-on" href="#ir-6.3_smt"/>
           <p>incident information is provided to the provider of the product or service and other organizations involved in the supply chain or supply chain governance for systems or system components related to the incident.</p>
+          <link rel="depends-on" href="#ir-6.3_smt"/>
         </part>
         <part id="ir-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34620,17 +34620,17 @@
       </part>
       <part id="ir-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-07"/>
-        <link rel="depends-on" href="#ir-7_smt"/>
         <part id="ir-7_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-07[01]"/>
-          <link rel="depends-on" href="#ir-7_smt"/>
           <p>an incident response support resource, integral to the organizational incident response capability, is provided;</p>
+          <link rel="depends-on" href="#ir-7_smt"/>
         </part>
         <part id="ir-7_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-07[02]"/>
-          <link rel="depends-on" href="#ir-7_smt"/>
           <p>the incident response support resource offers advice and assistance to users of the system for the response and reporting of incidents.</p>
+          <link rel="depends-on" href="#ir-7_smt"/>
         </part>
+        <link rel="depends-on" href="#ir-7_smt"/>
       </part>
       <part id="ir-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34684,8 +34684,8 @@
         </part>
         <part id="ir-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-07(01)"/>
-          <link rel="depends-on" href="#ir-7.1_smt"/>
           <p>the availability of incident response information and support is increased using <insert type="param" id-ref="ir-07.01_odp"/>.</p>
+          <link rel="depends-on" href="#ir-7.1_smt"/>
         </part>
         <part id="ir-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34741,17 +34741,17 @@
         </part>
         <part id="ir-7.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-07(02)"/>
-          <link rel="depends-on" href="#ir-7.2_smt"/>
           <part id="ir-7.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-07(02)(a)"/>
-            <link rel="depends-on" href="#ir-7.2_smt.a"/>
             <p>a direct, cooperative relationship is established between its incident response capability and external providers of the system protection capability;</p>
+            <link rel="depends-on" href="#ir-7.2_smt.a"/>
           </part>
           <part id="ir-7.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-07(02)(b)"/>
-            <link rel="depends-on" href="#ir-7.2_smt.b"/>
             <p>organizational incident response team members are identified to the external providers.</p>
+            <link rel="depends-on" href="#ir-7.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ir-7.2_smt"/>
         </part>
         <part id="ir-7.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -34923,108 +34923,108 @@
       </part>
       <part id="ir-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-08"/>
-        <link rel="depends-on" href="#ir-8_smt"/>
         <part id="ir-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-08a."/>
-          <link rel="depends-on" href="#ir-8_smt.a"/>
           <part id="ir-8_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.01"/>
-            <link rel="depends-on" href="#ir-8_smt.a.1"/>
             <p>an incident response plan is developed that provides the organization with a roadmap for implementing its incident response capability;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.1"/>
           </part>
           <part id="ir-8_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.02"/>
-            <link rel="depends-on" href="#ir-8_smt.a.2"/>
             <p>an incident response plan is developed that describes the structure and organization of the incident response capability;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.2"/>
           </part>
           <part id="ir-8_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.03"/>
-            <link rel="depends-on" href="#ir-8_smt.a.3"/>
             <p>an incident response plan is developed that provides a high-level approach for how the incident response capability fits into the overall organization;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.3"/>
           </part>
           <part id="ir-8_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.04"/>
-            <link rel="depends-on" href="#ir-8_smt.a.4"/>
             <p>an incident response plan is developed that meets the unique requirements of the organization with regard to mission, size, structure, and functions;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.4"/>
           </part>
           <part id="ir-8_obj.a.5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.05"/>
-            <link rel="depends-on" href="#ir-8_smt.a.5"/>
             <p>an incident response plan is developed that defines reportable incidents;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.5"/>
           </part>
           <part id="ir-8_obj.a.6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.06"/>
-            <link rel="depends-on" href="#ir-8_smt.a.6"/>
             <p>an incident response plan is developed that provides metrics for measuring the incident response capability within the organization;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.6"/>
           </part>
           <part id="ir-8_obj.a.7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.07"/>
-            <link rel="depends-on" href="#ir-8_smt.a.7"/>
             <p>an incident response plan is developed that defines the resources and management support needed to effectively maintain and mature an incident response capability;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.7"/>
           </part>
           <part id="ir-8_obj.a.8" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.08"/>
-            <link rel="depends-on" href="#ir-8_smt.a.8"/>
             <p>an incident response plan is developed that addresses the sharing of incident information;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.8"/>
           </part>
           <part id="ir-8_obj.a.9" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.09"/>
-            <link rel="depends-on" href="#ir-8_smt.a.9"/>
             <p>an incident response plan is developed that is reviewed and approved by <insert type="param" id-ref="ir-08_odp.01"/> <insert type="param" id-ref="ir-08_odp.02"/>;</p>
+            <link rel="depends-on" href="#ir-8_smt.a.9"/>
           </part>
           <part id="ir-8_obj.a.10" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08a.10"/>
-            <link rel="depends-on" href="#ir-8_smt.a.10"/>
             <p>an incident response plan is developed that explicitly designates responsibility for incident response to <insert type="param" id-ref="ir-08_odp.03"/>.</p>
+            <link rel="depends-on" href="#ir-8_smt.a.10"/>
           </part>
+          <link rel="depends-on" href="#ir-8_smt.a"/>
         </part>
         <part id="ir-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-08b."/>
-          <link rel="depends-on" href="#ir-8_smt.b"/>
           <part id="ir-8_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08b.[01]"/>
-            <link rel="depends-on" href="#ir-8_smt.b"/>
             <p>copies of the incident response plan are distributed to <insert type="param" id-ref="ir-08_odp.04"/>;</p>
+            <link rel="depends-on" href="#ir-8_smt.b"/>
           </part>
           <part id="ir-8_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08b.[02]"/>
-            <link rel="depends-on" href="#ir-8_smt.b"/>
             <p>copies of the incident response plan are distributed to <insert type="param" id-ref="ir-08_odp.05"/>;</p>
+            <link rel="depends-on" href="#ir-8_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ir-8_smt.b"/>
         </part>
         <part id="ir-8_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-08c."/>
-          <link rel="depends-on" href="#ir-8_smt.c"/>
           <p>the incident response plan is updated to address system and organizational changes or problems encountered during plan implementation, execution, or testing;</p>
+          <link rel="depends-on" href="#ir-8_smt.c"/>
         </part>
         <part id="ir-8_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-08d."/>
-          <link rel="depends-on" href="#ir-8_smt.d"/>
           <part id="ir-8_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08d.[01]"/>
-            <link rel="depends-on" href="#ir-8_smt.d"/>
             <p>incident response plan changes are communicated to <insert type="param" id-ref="ir-08_odp.06"/>;</p>
+            <link rel="depends-on" href="#ir-8_smt.d"/>
           </part>
           <part id="ir-8_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08d.[02]"/>
-            <link rel="depends-on" href="#ir-8_smt.d"/>
             <p>incident response plan changes are communicated to <insert type="param" id-ref="ir-08_odp.07"/>;</p>
+            <link rel="depends-on" href="#ir-8_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ir-8_smt.d"/>
         </part>
         <part id="ir-8_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-08e."/>
-          <link rel="depends-on" href="#ir-8_smt.e"/>
           <part id="ir-8_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08e.[01]"/>
-            <link rel="depends-on" href="#ir-8_smt.e"/>
             <p>the incident response plan is protected from unauthorized disclosure;</p>
+            <link rel="depends-on" href="#ir-8_smt.e"/>
           </part>
           <part id="ir-8_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08e.[02]"/>
-            <link rel="depends-on" href="#ir-8_smt.e"/>
             <p>the incident response plan is protected from unauthorized modification.</p>
+            <link rel="depends-on" href="#ir-8_smt.e"/>
           </part>
+          <link rel="depends-on" href="#ir-8_smt.e"/>
         </part>
+        <link rel="depends-on" href="#ir-8_smt"/>
       </part>
       <part id="ir-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35087,22 +35087,22 @@
         </part>
         <part id="ir-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-08(01)"/>
-          <link rel="depends-on" href="#ir-8.1_smt"/>
           <part id="ir-8.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08(01)(a)"/>
-            <link rel="depends-on" href="#ir-8.1_smt.a"/>
             <p>the incident response plan for breaches involving personally identifiable information includes a process to determine if notice to individuals or other organizations, including oversight organizations, is needed;</p>
+            <link rel="depends-on" href="#ir-8.1_smt.a"/>
           </part>
           <part id="ir-8.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08(01)(b)"/>
-            <link rel="depends-on" href="#ir-8.1_smt.b"/>
             <p>the incident response plan for breaches involving personally identifiable information includes an assessment process to determine the extent of the harm, embarrassment, inconvenience, or unfairness to affected individuals and any mechanisms to mitigate such harms;</p>
+            <link rel="depends-on" href="#ir-8.1_smt.b"/>
           </part>
           <part id="ir-8.1_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="IR-08(01)(c)"/>
-            <link rel="depends-on" href="#ir-8.1_smt.c"/>
             <p>the incident response plan for breaches involving personally identifiable information includes the identification of applicable privacy requirements.</p>
+            <link rel="depends-on" href="#ir-8.1_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ir-8.1_smt"/>
         </part>
         <part id="ir-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35208,42 +35208,42 @@
       </part>
       <part id="ir-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="IR-09"/>
-        <link rel="depends-on" href="#ir-9_smt"/>
         <part id="ir-9_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09a."/>
-          <link rel="depends-on" href="#ir-9_smt.a"/>
           <p><insert type="param" id-ref="ir-09_odp.01"/> is/are assigned the responsibility to respond to information spills;</p>
+          <link rel="depends-on" href="#ir-9_smt.a"/>
         </part>
         <part id="ir-9_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09b."/>
-          <link rel="depends-on" href="#ir-9_smt.b"/>
           <p>the specific information involved in the system contamination is identified in response to information spills;</p>
+          <link rel="depends-on" href="#ir-9_smt.b"/>
         </part>
         <part id="ir-9_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09c."/>
-          <link rel="depends-on" href="#ir-9_smt.c"/>
           <p><insert type="param" id-ref="ir-09_odp.02"/> is/are alerted of the information spill using a method of communication not associated with the spill;</p>
+          <link rel="depends-on" href="#ir-9_smt.c"/>
         </part>
         <part id="ir-9_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09d."/>
-          <link rel="depends-on" href="#ir-9_smt.d"/>
           <p>the contaminated system or system component is isolated in response to information spills;</p>
+          <link rel="depends-on" href="#ir-9_smt.d"/>
         </part>
         <part id="ir-9_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09e."/>
-          <link rel="depends-on" href="#ir-9_smt.e"/>
           <p>the information is eradicated from the contaminated system or component in response to information spills;</p>
+          <link rel="depends-on" href="#ir-9_smt.e"/>
         </part>
         <part id="ir-9_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09f."/>
-          <link rel="depends-on" href="#ir-9_smt.f"/>
           <p>other systems or system components that may have been subsequently contaminated are identified in response to information spills;</p>
+          <link rel="depends-on" href="#ir-9_smt.f"/>
         </part>
         <part id="ir-9_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09g."/>
-          <link rel="depends-on" href="#ir-9_smt.g"/>
           <p><insert type="param" id-ref="ir-09_odp.03"/> are performed in response to information spills.</p>
+          <link rel="depends-on" href="#ir-9_smt.g"/>
         </part>
+        <link rel="depends-on" href="#ir-9_smt"/>
       </part>
       <part id="ir-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35310,8 +35310,8 @@
         </part>
         <part id="ir-9.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09(02)"/>
-          <link rel="depends-on" href="#ir-9.2_smt"/>
           <p>information spillage response training is provided <insert type="param" id-ref="ir-09.02_odp"/>.</p>
+          <link rel="depends-on" href="#ir-9.2_smt"/>
         </part>
         <part id="ir-9.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35359,8 +35359,8 @@
         </part>
         <part id="ir-9.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09(03)"/>
-          <link rel="depends-on" href="#ir-9.3_smt"/>
           <p><insert type="param" id-ref="ir-09.03_odp"/> are implemented to ensure that organizational personnel impacted by information spills can continue to carry out assigned tasks while contaminated systems are undergoing corrective actions.</p>
+          <link rel="depends-on" href="#ir-9.3_smt"/>
         </part>
         <part id="ir-9.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35413,8 +35413,8 @@
         </part>
         <part id="ir-9.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="IR-09(04)"/>
-          <link rel="depends-on" href="#ir-9.4_smt"/>
           <p><insert type="param" id-ref="ir-09.04_odp"/> are employed for personnel exposed to information not within assigned access authorizations.</p>
+          <link rel="depends-on" href="#ir-9.4_smt"/>
         </part>
         <part id="ir-9.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35584,116 +35584,116 @@
       </part>
       <part id="ma-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MA-01"/>
-        <link rel="depends-on" href="#ma-1_smt"/>
         <part id="ma-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-01a."/>
-          <link rel="depends-on" href="#ma-1_smt.a"/>
           <part id="ma-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-01a.[01]"/>
-            <link rel="depends-on" href="#ma-1_smt.a"/>
             <p>a maintenance policy is developed and documented;</p>
+            <link rel="depends-on" href="#ma-1_smt.a"/>
           </part>
           <part id="ma-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-01a.[02]"/>
-            <link rel="depends-on" href="#ma-1_smt.a"/>
             <p>the maintenance policy is disseminated to <insert type="param" id-ref="ma-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ma-1_smt.a"/>
           </part>
           <part id="ma-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-01a.[03]"/>
-            <link rel="depends-on" href="#ma-1_smt.a"/>
             <p>maintenance procedures to facilitate the implementation of the maintenance policy and associated maintenance controls are developed and documented;</p>
+            <link rel="depends-on" href="#ma-1_smt.a"/>
           </part>
           <part id="ma-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-01a.[04]"/>
-            <link rel="depends-on" href="#ma-1_smt.a"/>
             <p>the maintenance procedures are disseminated to <insert type="param" id-ref="ma-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ma-1_smt.a"/>
           </part>
           <part id="ma-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-01a.01"/>
-            <link rel="depends-on" href="#ma-1_smt.a.1"/>
             <part id="ma-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-01a.01(a)"/>
-              <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               <part id="ma-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MA-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy addresses purpose;</p>
+                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               </part>
               <part id="ma-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MA-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy addresses scope;</p>
+                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               </part>
               <part id="ma-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MA-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy addresses roles;</p>
+                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               </part>
               <part id="ma-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MA-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               </part>
               <part id="ma-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MA-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy addresses management commitment;</p>
+                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               </part>
               <part id="ma-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MA-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               </part>
               <part id="ma-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MA-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy addresses compliance;</p>
+                <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#ma-1_smt.a.1.a"/>
             </part>
             <part id="ma-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-01a.01(b)"/>
-              <link rel="depends-on" href="#ma-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="ma-01_odp.03"/> maintenance policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#ma-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#ma-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#ma-1_smt.a"/>
         </part>
         <part id="ma-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-01b."/>
-          <link rel="depends-on" href="#ma-1_smt.b"/>
           <p>the <insert type="param" id-ref="ma-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the maintenance policy and procedures;</p>
+          <link rel="depends-on" href="#ma-1_smt.b"/>
         </part>
         <part id="ma-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-01c."/>
-          <link rel="depends-on" href="#ma-1_smt.c"/>
           <part id="ma-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-01c.01"/>
-            <link rel="depends-on" href="#ma-1_smt.c.1"/>
             <part id="ma-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-01c.01[01]"/>
-              <link rel="depends-on" href="#ma-1_smt.c.1"/>
               <p>the current maintenance policy is reviewed and updated <insert type="param" id-ref="ma-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#ma-1_smt.c.1"/>
             </part>
             <part id="ma-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-01c.01[02]"/>
-              <link rel="depends-on" href="#ma-1_smt.c.1"/>
               <p>the current maintenance policy is reviewed and updated following <insert type="param" id-ref="ma-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#ma-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#ma-1_smt.c.1"/>
           </part>
           <part id="ma-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-01c.02"/>
-            <link rel="depends-on" href="#ma-1_smt.c.2"/>
             <part id="ma-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-01c.02[01]"/>
-              <link rel="depends-on" href="#ma-1_smt.c.2"/>
               <p>the current maintenance procedures are reviewed and updated <insert type="param" id-ref="ma-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#ma-1_smt.c.2"/>
             </part>
             <part id="ma-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-01c.02[02]"/>
-              <link rel="depends-on" href="#ma-1_smt.c.2"/>
               <p>the current maintenance procedures are reviewed and updated following <insert type="param" id-ref="ma-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#ma-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#ma-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ma-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ma-1_smt"/>
       </part>
       <part id="ma-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35790,60 +35790,60 @@
       </part>
       <part id="ma-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MA-02"/>
-        <link rel="depends-on" href="#ma-2_smt"/>
         <part id="ma-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-02a."/>
-          <link rel="depends-on" href="#ma-2_smt.a"/>
           <part id="ma-2_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-02a.[01]"/>
-            <link rel="depends-on" href="#ma-2_smt.a"/>
             <p>maintenance, repair, and replacement of system components are scheduled in accordance with manufacturer or vendor specifications and/or organizational requirements;</p>
+            <link rel="depends-on" href="#ma-2_smt.a"/>
           </part>
           <part id="ma-2_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-02a.[02]"/>
-            <link rel="depends-on" href="#ma-2_smt.a"/>
             <p>maintenance, repair, and replacement of system components are documented in accordance with manufacturer or vendor specifications and/or organizational requirements;</p>
+            <link rel="depends-on" href="#ma-2_smt.a"/>
           </part>
           <part id="ma-2_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-02a.[03]"/>
-            <link rel="depends-on" href="#ma-2_smt.a"/>
             <p>records of maintenance, repair, and replacement of system components are reviewed in accordance with manufacturer or vendor specifications and/or organizational requirements;</p>
+            <link rel="depends-on" href="#ma-2_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ma-2_smt.a"/>
         </part>
         <part id="ma-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-02b."/>
-          <link rel="depends-on" href="#ma-2_smt.b"/>
           <part id="ma-2_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-02b.[01]"/>
-            <link rel="depends-on" href="#ma-2_smt.b"/>
             <p>all maintenance activities, whether performed on site or remotely and whether the system or system components are serviced on site or removed to another location, are approved;</p>
+            <link rel="depends-on" href="#ma-2_smt.b"/>
           </part>
           <part id="ma-2_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-02b.[02]"/>
-            <link rel="depends-on" href="#ma-2_smt.b"/>
             <p>all maintenance activities, whether performed on site or remotely and whether the system or system components are serviced on site or removed to another location, are monitored;</p>
+            <link rel="depends-on" href="#ma-2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-2_smt.b"/>
         </part>
         <part id="ma-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-02c."/>
-          <link rel="depends-on" href="#ma-2_smt.c"/>
           <p><insert type="param" id-ref="ma-02_odp.01"/> is/are required to explicitly approve the removal of the system or system components from organizational facilities for off-site maintenance, repair, or replacement;</p>
+          <link rel="depends-on" href="#ma-2_smt.c"/>
         </part>
         <part id="ma-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-02d."/>
-          <link rel="depends-on" href="#ma-2_smt.d"/>
           <p>equipment is sanitized to remove <insert type="param" id-ref="ma-02_odp.02"/> from associated media prior to removal from organizational facilities for off-site maintenance, repair, or replacement;</p>
+          <link rel="depends-on" href="#ma-2_smt.d"/>
         </part>
         <part id="ma-2_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-02e."/>
-          <link rel="depends-on" href="#ma-2_smt.e"/>
           <p>all potentially impacted controls are checked to verify that the controls are still functioning properly following maintenance, repair, or replacement actions;</p>
+          <link rel="depends-on" href="#ma-2_smt.e"/>
         </part>
         <part id="ma-2_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-02f."/>
-          <link rel="depends-on" href="#ma-2_smt.f"/>
           <p><insert type="param" id-ref="ma-02_odp.03"/> is included in organizational maintenance records.</p>
+          <link rel="depends-on" href="#ma-2_smt.f"/>
         </part>
+        <link rel="depends-on" href="#ma-2_smt"/>
       </part>
       <part id="ma-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -35937,45 +35937,45 @@
         </part>
         <part id="ma-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-02(02)"/>
-          <link rel="depends-on" href="#ma-2.2_smt"/>
           <part id="ma-2.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-02(02)(a)"/>
-            <link rel="depends-on" href="#ma-2.2_smt.a"/>
             <part id="ma-2.2_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-02(02)(a)[01]"/>
-              <link rel="depends-on" href="#ma-2.2_smt.a"/>
               <p><insert type="param" id-ref="ma-02.02_odp.01"/> are used to schedule maintenance, repair, and replacement actions for the system;</p>
+              <link rel="depends-on" href="#ma-2.2_smt.a"/>
             </part>
             <part id="ma-2.2_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-02(02)(a)[02]"/>
-              <link rel="depends-on" href="#ma-2.2_smt.a"/>
               <p><insert type="param" id-ref="ma-02.02_odp.02"/> are used to conduct maintenance, repair, and replacement actions for the system;</p>
+              <link rel="depends-on" href="#ma-2.2_smt.a"/>
             </part>
             <part id="ma-2.2_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-02(02)(a)[03]"/>
-              <link rel="depends-on" href="#ma-2.2_smt.a"/>
               <p><insert type="param" id-ref="ma-02.02_odp.03"/> are used to document maintenance, repair, and replacement actions for the system;</p>
+              <link rel="depends-on" href="#ma-2.2_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ma-2.2_smt.a"/>
           </part>
           <part id="ma-2.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-02(02)(b)"/>
-            <link rel="depends-on" href="#ma-2.2_smt.b"/>
             <part id="ma-2.2_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-02(02)(b)[01]"/>
-              <link rel="depends-on" href="#ma-2.2_smt.b"/>
               <p>up-to date, accurate, and complete records of all maintenance actions requested, scheduled, in process, and completed are produced.</p>
+              <link rel="depends-on" href="#ma-2.2_smt.b"/>
             </part>
             <part id="ma-2.2_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-02(02)(b)[02]"/>
-              <link rel="depends-on" href="#ma-2.2_smt.b"/>
               <p>up-to date, accurate, and complete records of all repair actions requested, scheduled, in process, and completed are produced.</p>
+              <link rel="depends-on" href="#ma-2.2_smt.b"/>
             </part>
             <part id="ma-2.2_obj.b-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-02(02)(b)[03]"/>
-              <link rel="depends-on" href="#ma-2.2_smt.b"/>
               <p>up-to date, accurate, and complete records of all replacement actions requested, scheduled, in process, and completed are produced.</p>
+              <link rel="depends-on" href="#ma-2.2_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ma-2.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-2.2_smt"/>
         </part>
         <part id="ma-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36041,31 +36041,31 @@
       </part>
       <part id="ma-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MA-03"/>
-        <link rel="depends-on" href="#ma-3_smt"/>
         <part id="ma-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03a."/>
-          <link rel="depends-on" href="#ma-3_smt.a"/>
           <part id="ma-3_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-03a.[01]"/>
-            <link rel="depends-on" href="#ma-3_smt.a"/>
             <p>the use of system maintenance tools is approved;</p>
+            <link rel="depends-on" href="#ma-3_smt.a"/>
           </part>
           <part id="ma-3_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-03a.[02]"/>
-            <link rel="depends-on" href="#ma-3_smt.a"/>
             <p>the use of system maintenance tools is controlled;</p>
+            <link rel="depends-on" href="#ma-3_smt.a"/>
           </part>
           <part id="ma-3_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-03a.[03]"/>
-            <link rel="depends-on" href="#ma-3_smt.a"/>
             <p>the use of system maintenance tools is monitored;</p>
+            <link rel="depends-on" href="#ma-3_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ma-3_smt.a"/>
         </part>
         <part id="ma-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03b."/>
-          <link rel="depends-on" href="#ma-3_smt.b"/>
           <p>previously approved system maintenance tools are reviewed <insert type="param" id-ref="ma-03_odp"/>.</p>
+          <link rel="depends-on" href="#ma-3_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ma-3_smt"/>
       </part>
       <part id="ma-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36111,8 +36111,8 @@
         </part>
         <part id="ma-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03(01)"/>
-          <link rel="depends-on" href="#ma-3.1_smt"/>
           <p>maintenance tools used by maintenance personnel are inspected for improper or unauthorized modifications.</p>
+          <link rel="depends-on" href="#ma-3.1_smt"/>
         </part>
         <part id="ma-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36160,8 +36160,8 @@
         </part>
         <part id="ma-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03(02)"/>
-          <link rel="depends-on" href="#ma-3.2_smt"/>
           <p>media containing diagnostic and test programs are checked for malicious code before the media are used in the system.</p>
+          <link rel="depends-on" href="#ma-3.2_smt"/>
         </part>
         <part id="ma-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36232,27 +36232,27 @@
         </part>
         <part id="ma-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03(03)"/>
-          <link rel="depends-on" href="#ma-3.3_smt"/>
           <part id="ma-3.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-03(03)(a)"/>
-            <link rel="depends-on" href="#ma-3.3_smt.a"/>
             <p>the removal of maintenance equipment containing organizational information is prevented by verifying that there is no organizational information contained on the equipment; or</p>
+            <link rel="depends-on" href="#ma-3.3_smt.a"/>
           </part>
           <part id="ma-3.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-03(03)(b)"/>
-            <link rel="depends-on" href="#ma-3.3_smt.b"/>
             <p>the removal of maintenance equipment containing organizational information is prevented by sanitizing or destroying the equipment; or</p>
+            <link rel="depends-on" href="#ma-3.3_smt.b"/>
           </part>
           <part id="ma-3.3_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-03(03)(c)"/>
-            <link rel="depends-on" href="#ma-3.3_smt.c"/>
             <p>the removal of maintenance equipment containing organizational information is prevented by retaining the equipment within the facility; or</p>
+            <link rel="depends-on" href="#ma-3.3_smt.c"/>
           </part>
           <part id="ma-3.3_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-03(03)(d)"/>
-            <link rel="depends-on" href="#ma-3.3_smt.d"/>
             <p>the removal of maintenance equipment containing organizational information is prevented by obtaining an exemption from <insert type="param" id-ref="ma-03.03_odp"/> explicitly authorizing removal of the equipment from the facility.</p>
+            <link rel="depends-on" href="#ma-3.3_smt.d"/>
           </part>
+          <link rel="depends-on" href="#ma-3.3_smt"/>
         </part>
         <part id="ma-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36307,8 +36307,8 @@
         </part>
         <part id="ma-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03(04)"/>
-          <link rel="depends-on" href="#ma-3.4_smt"/>
           <p>the use of maintenance tools is restricted to authorized personnel only.</p>
+          <link rel="depends-on" href="#ma-3.4_smt"/>
         </part>
         <part id="ma-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36359,8 +36359,8 @@
         </part>
         <part id="ma-3.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03(05)"/>
-          <link rel="depends-on" href="#ma-3.5_smt"/>
           <p>the use of maintenance tools that execute with increased privilege is monitored.</p>
+          <link rel="depends-on" href="#ma-3.5_smt"/>
         </part>
         <part id="ma-3.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36412,8 +36412,8 @@
         </part>
         <part id="ma-3.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-03(06)"/>
-          <link rel="depends-on" href="#ma-3.6_smt"/>
           <p>maintenance tools are inspected to ensure that the latest software updates and patches are installed.</p>
+          <link rel="depends-on" href="#ma-3.6_smt"/>
         </part>
         <part id="ma-3.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36502,59 +36502,59 @@
       </part>
       <part id="ma-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MA-04"/>
-        <link rel="depends-on" href="#ma-4_smt"/>
         <part id="ma-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04a."/>
-          <link rel="depends-on" href="#ma-4_smt.a"/>
           <part id="ma-4_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04a.[01]"/>
-            <link rel="depends-on" href="#ma-4_smt.a"/>
             <p>nonlocal maintenance and diagnostic activities are approved;</p>
+            <link rel="depends-on" href="#ma-4_smt.a"/>
           </part>
           <part id="ma-4_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04a.[02]"/>
-            <link rel="depends-on" href="#ma-4_smt.a"/>
             <p>nonlocal maintenance and diagnostic activities are monitored;</p>
+            <link rel="depends-on" href="#ma-4_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ma-4_smt.a"/>
         </part>
         <part id="ma-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04b."/>
-          <link rel="depends-on" href="#ma-4_smt.b"/>
           <part id="ma-4_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04b.[01]"/>
-            <link rel="depends-on" href="#ma-4_smt.b"/>
             <p>the use of nonlocal maintenance and diagnostic tools are allowed only as consistent with organizational policy;</p>
+            <link rel="depends-on" href="#ma-4_smt.b"/>
           </part>
           <part id="ma-4_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04b.[02]"/>
-            <link rel="depends-on" href="#ma-4_smt.b"/>
             <p>the use of nonlocal maintenance and diagnostic tools are documented in the security plan for the system;</p>
+            <link rel="depends-on" href="#ma-4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-4_smt.b"/>
         </part>
         <part id="ma-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04c."/>
-          <link rel="depends-on" href="#ma-4_smt.c"/>
           <p>strong authentication is employed in the establishment of nonlocal maintenance and diagnostic sessions;</p>
+          <link rel="depends-on" href="#ma-4_smt.c"/>
         </part>
         <part id="ma-4_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04d."/>
-          <link rel="depends-on" href="#ma-4_smt.d"/>
           <p>records for nonlocal maintenance and diagnostic activities are maintained;</p>
+          <link rel="depends-on" href="#ma-4_smt.d"/>
         </part>
         <part id="ma-4_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04e."/>
-          <link rel="depends-on" href="#ma-4_smt.e"/>
           <part id="ma-4_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04e.[01]"/>
-            <link rel="depends-on" href="#ma-4_smt.e"/>
             <p>session connections are terminated when nonlocal maintenance is completed;</p>
+            <link rel="depends-on" href="#ma-4_smt.e"/>
           </part>
           <part id="ma-4_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04e.[02]"/>
-            <link rel="depends-on" href="#ma-4_smt.e"/>
             <p>network connections are terminated when nonlocal maintenance is completed.</p>
+            <link rel="depends-on" href="#ma-4_smt.e"/>
           </part>
+          <link rel="depends-on" href="#ma-4_smt.e"/>
         </part>
+        <link rel="depends-on" href="#ma-4_smt"/>
       </part>
       <part id="ma-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36635,35 +36635,35 @@
         </part>
         <part id="ma-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04(01)"/>
-          <link rel="depends-on" href="#ma-4.1_smt"/>
           <part id="ma-4.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(01)(a)"/>
-            <link rel="depends-on" href="#ma-4.1_smt.a"/>
             <part id="ma-4.1_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(01)(a)[01]"/>
-              <link rel="depends-on" href="#ma-4.1_smt.a"/>
               <p><insert type="param" id-ref="ma-04.01_odp.01"/> are logged for nonlocal maintenance sessions;</p>
+              <link rel="depends-on" href="#ma-4.1_smt.a"/>
             </part>
             <part id="ma-4.1_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(01)(a)[02]"/>
-              <link rel="depends-on" href="#ma-4.1_smt.a"/>
               <p><insert type="param" id-ref="ma-04.01_odp.02"/> are logged for nonlocal diagnostic sessions;</p>
+              <link rel="depends-on" href="#ma-4.1_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ma-4.1_smt.a"/>
           </part>
           <part id="ma-4.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(01)(b)"/>
-            <link rel="depends-on" href="#ma-4.1_smt.b"/>
             <part id="ma-4.1_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(01)(b)[01]"/>
-              <link rel="depends-on" href="#ma-4.1_smt.b"/>
               <p>the audit records of the maintenance sessions are reviewed to detect anomalous behavior;</p>
+              <link rel="depends-on" href="#ma-4.1_smt.b"/>
             </part>
             <part id="ma-4.1_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(01)(b)[02]"/>
-              <link rel="depends-on" href="#ma-4.1_smt.b"/>
               <p>the audit records of the diagnostic sessions are reviewed to detect anomalous behavior.</p>
+              <link rel="depends-on" href="#ma-4.1_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ma-4.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-4.1_smt"/>
         </part>
         <part id="ma-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36734,40 +36734,40 @@
         </part>
         <part id="ma-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04(03)"/>
-          <link rel="depends-on" href="#ma-4.3_smt"/>
           <part id="ma-4.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(03)(a)"/>
-            <link rel="depends-on" href="#ma-4.3_smt.a"/>
             <part id="ma-4.3_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(03)(a)[01]"/>
-              <link rel="depends-on" href="#ma-4.3_smt.a"/>
               <p>nonlocal maintenance services are required to be performed from a system that implements a security capability comparable to the capability implemented on the system being serviced;</p>
+              <link rel="depends-on" href="#ma-4.3_smt.a"/>
             </part>
             <part id="ma-4.3_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(03)(a)[02]"/>
-              <link rel="depends-on" href="#ma-4.3_smt.a"/>
               <p>nonlocal diagnostic services are required to be performed from a system that implements a security capability comparable to the capability implemented on the system being serviced; or</p>
+              <link rel="depends-on" href="#ma-4.3_smt.a"/>
             </part>
+            <link rel="depends-on" href="#ma-4.3_smt.a"/>
           </part>
           <part id="ma-4.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(03)(b)"/>
-            <link rel="depends-on" href="#ma-4.3_smt.b"/>
             <part id="ma-4.3_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(03)(b)[01]"/>
-              <link rel="depends-on" href="#ma-4.3_smt.b"/>
               <p>the component to be serviced is removed from the system prior to nonlocal maintenance or diagnostic services;</p>
+              <link rel="depends-on" href="#ma-4.3_smt.b"/>
             </part>
             <part id="ma-4.3_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(03)(b)[02]"/>
-              <link rel="depends-on" href="#ma-4.3_smt.b"/>
               <p>the component to be serviced is sanitized (for organizational information);</p>
+              <link rel="depends-on" href="#ma-4.3_smt.b"/>
             </part>
             <part id="ma-4.3_obj.b-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(03)(b)[03]"/>
-              <link rel="depends-on" href="#ma-4.3_smt.b"/>
               <p>the component is inspected and sanitized (for potentially malicious software) after the service is performed and before reconnecting the component to the system.</p>
+              <link rel="depends-on" href="#ma-4.3_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ma-4.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-4.3_smt"/>
         </part>
         <part id="ma-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36845,26 +36845,26 @@
         </part>
         <part id="ma-4.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04(04)"/>
-          <link rel="depends-on" href="#ma-4.4_smt"/>
           <part id="ma-4.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(04)(a)"/>
-            <link rel="depends-on" href="#ma-4.4_smt.a"/>
             <p>nonlocal maintenance sessions are protected by employing <insert type="param" id-ref="ma-04.04_odp"/>;</p>
+            <link rel="depends-on" href="#ma-4.4_smt.a"/>
           </part>
           <part id="ma-4.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(04)(b)"/>
-            <link rel="depends-on" href="#ma-4.4_smt.b"/>
             <part id="ma-4.4_obj.b.1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(04)(b)(01)"/>
-              <link rel="depends-on" href="#ma-4.4_smt.b.1"/>
               <p>nonlocal maintenance sessions are protected by separating maintenance sessions from other network sessions with the system by physically separated communication paths; or</p>
+              <link rel="depends-on" href="#ma-4.4_smt.b.1"/>
             </part>
             <part id="ma-4.4_obj.b.2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-04(04)(b)(02)"/>
-              <link rel="depends-on" href="#ma-4.4_smt.b.2"/>
               <p>nonlocal maintenance sessions are protected by logically separated communication paths.</p>
+              <link rel="depends-on" href="#ma-4.4_smt.b.2"/>
             </part>
+            <link rel="depends-on" href="#ma-4.4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-4.4_smt"/>
         </part>
         <part id="ma-4.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -36939,17 +36939,17 @@
         </part>
         <part id="ma-4.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04(05)"/>
-          <link rel="depends-on" href="#ma-4.5_smt"/>
           <part id="ma-4.5_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(05)(a)"/>
-            <link rel="depends-on" href="#ma-4.5_smt.a"/>
             <p>the approval of each nonlocal maintenance session is required by <insert type="param" id-ref="ma-04.05_odp.01"/>;</p>
+            <link rel="depends-on" href="#ma-4.5_smt.a"/>
           </part>
           <part id="ma-4.5_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(05)(b)"/>
-            <link rel="depends-on" href="#ma-4.5_smt.b"/>
             <p><insert type="param" id-ref="ma-04.05_odp.02"/> is/are notified of the date and time of planned nonlocal maintenance.</p>
+            <link rel="depends-on" href="#ma-4.5_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-4.5_smt"/>
         </part>
         <part id="ma-4.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37010,17 +37010,17 @@
         </part>
         <part id="ma-4.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04(06)"/>
-          <link rel="depends-on" href="#ma-4.6_smt"/>
           <part id="ma-4.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(06)[01]"/>
-            <link rel="depends-on" href="#ma-4.6_smt"/>
             <p><insert type="param" id-ref="ma-04.06_odp"/> are implemented to protect the integrity of nonlocal maintenance and diagnostic communications;</p>
+            <link rel="depends-on" href="#ma-4.6_smt"/>
           </part>
           <part id="ma-4.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(06)[02]"/>
-            <link rel="depends-on" href="#ma-4.6_smt"/>
             <p><insert type="param" id-ref="ma-04.06_odp"/> are implemented to protect the confidentiality of nonlocal maintenance and diagnostic communications.</p>
+            <link rel="depends-on" href="#ma-4.6_smt"/>
           </part>
+          <link rel="depends-on" href="#ma-4.6_smt"/>
         </part>
         <part id="ma-4.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37072,17 +37072,17 @@
         </part>
         <part id="ma-4.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-04(07)"/>
-          <link rel="depends-on" href="#ma-4.7_smt"/>
           <part id="ma-4.7_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(07)[01]"/>
-            <link rel="depends-on" href="#ma-4.7_smt"/>
             <p>session connection termination is verified after the completion of nonlocal maintenance and diagnostic sessions;</p>
+            <link rel="depends-on" href="#ma-4.7_smt"/>
           </part>
           <part id="ma-4.7_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-04(07)[02]"/>
-            <link rel="depends-on" href="#ma-4.7_smt"/>
             <p>network connection termination is verified after the completion of nonlocal maintenance and diagnostic sessions.</p>
+            <link rel="depends-on" href="#ma-4.7_smt"/>
           </part>
+          <link rel="depends-on" href="#ma-4.7_smt"/>
         </part>
         <part id="ma-4.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37157,31 +37157,31 @@
       </part>
       <part id="ma-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MA-05"/>
-        <link rel="depends-on" href="#ma-5_smt"/>
         <part id="ma-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05a."/>
-          <link rel="depends-on" href="#ma-5_smt.a"/>
           <part id="ma-5_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05a.[01]"/>
-            <link rel="depends-on" href="#ma-5_smt.a"/>
             <p>a process for maintenance personnel authorization is established;</p>
+            <link rel="depends-on" href="#ma-5_smt.a"/>
           </part>
           <part id="ma-5_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05a.[02]"/>
-            <link rel="depends-on" href="#ma-5_smt.a"/>
             <p>a list of authorized maintenance organizations or personnel is maintained;</p>
+            <link rel="depends-on" href="#ma-5_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ma-5_smt.a"/>
         </part>
         <part id="ma-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05b."/>
-          <link rel="depends-on" href="#ma-5_smt.b"/>
           <p>non-escorted personnel performing maintenance on the system possess the required access authorizations;</p>
+          <link rel="depends-on" href="#ma-5_smt.b"/>
         </part>
         <part id="ma-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05c."/>
-          <link rel="depends-on" href="#ma-5_smt.c"/>
           <p>organizational personnel with required access authorizations and technical competence is/are designated to supervise the maintenance activities of personnel who do not possess the required access authorizations.</p>
+          <link rel="depends-on" href="#ma-5_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ma-5_smt"/>
       </part>
       <part id="ma-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37254,26 +37254,26 @@
         </part>
         <part id="ma-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05(01)"/>
-          <link rel="depends-on" href="#ma-5.1_smt"/>
           <part id="ma-5.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05(01)(a)"/>
-            <link rel="depends-on" href="#ma-5.1_smt.a"/>
             <part id="ma-5.1_obj.a.1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-05(01)(a)(01)"/>
-              <link rel="depends-on" href="#ma-5.1_smt.a.1"/>
               <p>procedures for the use of maintenance personnel who lack appropriate security clearances or are not U.S. citizens are implemented and include approved organizational personnel who are fully cleared, have appropriate access authorizations, and are technically qualified escorting and supervising maintenance personnel without the needed access authorization during the performance of maintenance and diagnostic activities;</p>
+              <link rel="depends-on" href="#ma-5.1_smt.a.1"/>
             </part>
             <part id="ma-5.1_obj.a.2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-05(01)(a)(02)"/>
-              <link rel="depends-on" href="#ma-5.1_smt.a.2"/>
               <p>procedures for the use of maintenance personnel who lack appropriate security clearances or are not U.S. citizens are implemented and include all volatile information storage components within the system being sanitized and all non-volatile storage media being removed or physically disconnected from the system and secured prior to initiating maintenance or diagnostic activities;</p>
+              <link rel="depends-on" href="#ma-5.1_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#ma-5.1_smt.a"/>
           </part>
           <part id="ma-5.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05(01)(b)"/>
-            <link rel="depends-on" href="#ma-5.1_smt.b"/>
             <p><insert type="param" id-ref="ma-05.01_odp"/> are developed and implemented in the event that a system cannot be sanitized, removed, or disconnected from the system.</p>
+            <link rel="depends-on" href="#ma-5.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-5.1_smt"/>
         </part>
         <part id="ma-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37328,17 +37328,17 @@
         </part>
         <part id="ma-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05(02)"/>
-          <link rel="depends-on" href="#ma-5.2_smt"/>
           <part id="ma-5.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05(02)[01]"/>
-            <link rel="depends-on" href="#ma-5.2_smt"/>
             <p>personnel performing maintenance and diagnostic activities on a system processing, storing, or transmitting classified information possess security clearances for at least the highest classification level and for compartments of information on the system;</p>
+            <link rel="depends-on" href="#ma-5.2_smt"/>
           </part>
           <part id="ma-5.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05(02)[02]"/>
-            <link rel="depends-on" href="#ma-5.2_smt"/>
             <p>personnel performing maintenance and diagnostic activities on a system processing, storing, or transmitting classified information possess formal access approvals for at least the highest classification level and for compartments of information on the system.</p>
+            <link rel="depends-on" href="#ma-5.2_smt"/>
           </part>
+          <link rel="depends-on" href="#ma-5.2_smt"/>
         </part>
         <part id="ma-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37389,8 +37389,8 @@
         </part>
         <part id="ma-5.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05(03)"/>
-          <link rel="depends-on" href="#ma-5.3_smt"/>
           <p>personnel performing maintenance and diagnostic activities on a system processing, storing, or transmitting classified information are U.S. citizens.</p>
+          <link rel="depends-on" href="#ma-5.3_smt"/>
         </part>
         <part id="ma-5.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37441,31 +37441,31 @@
         </part>
         <part id="ma-5.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05(04)"/>
-          <link rel="depends-on" href="#ma-5.4_smt"/>
           <part id="ma-5.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05(04)(a)"/>
-            <link rel="depends-on" href="#ma-5.4_smt.a"/>
             <p>foreign nationals with appropriate security clearances are used to conduct maintenance and diagnostic activities on classified systems only when the systems are jointly owned and operated by the United States and foreign allied governments or owned and operated solely by foreign allied governments;</p>
+            <link rel="depends-on" href="#ma-5.4_smt.a"/>
           </part>
           <part id="ma-5.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MA-05(04)(b)"/>
-            <link rel="depends-on" href="#ma-5.4_smt.b"/>
             <part id="ma-5.4_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-05(04)(b)[01]"/>
-              <link rel="depends-on" href="#ma-5.4_smt.b"/>
               <p>approvals regarding the use of foreign nationals to conduct maintenance and diagnostic activities on classified systems are fully documented within Memoranda of Agreements;</p>
+              <link rel="depends-on" href="#ma-5.4_smt.b"/>
             </part>
             <part id="ma-5.4_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-05(04)(b)[02]"/>
-              <link rel="depends-on" href="#ma-5.4_smt.b"/>
               <p>consents regarding the use of foreign nationals to conduct maintenance and diagnostic activities on classified systems are fully documented within Memoranda of Agreements;</p>
+              <link rel="depends-on" href="#ma-5.4_smt.b"/>
             </part>
             <part id="ma-5.4_obj.b-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MA-05(04)(b)[03]"/>
-              <link rel="depends-on" href="#ma-5.4_smt.b"/>
               <p>detailed operational conditions regarding the use of foreign nationals to conduct maintenance and diagnostic activities on classified systems are fully documented within Memoranda of Agreements.</p>
+              <link rel="depends-on" href="#ma-5.4_smt.b"/>
             </part>
+            <link rel="depends-on" href="#ma-5.4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ma-5.4_smt"/>
         </part>
         <part id="ma-5.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37517,8 +37517,8 @@
         </part>
         <part id="ma-5.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-05(05)"/>
-          <link rel="depends-on" href="#ma-5.5_smt"/>
           <p>non-escorted personnel performing maintenance activities not directly associated with the system but in the physical proximity of the system have required access authorizations.</p>
+          <link rel="depends-on" href="#ma-5.5_smt"/>
         </part>
         <part id="ma-5.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37587,8 +37587,8 @@
       </part>
       <part id="ma-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MA-06"/>
-        <link rel="depends-on" href="#ma-6_smt"/>
         <p>maintenance support and/or spare parts are obtained for <insert type="param" id-ref="ma-06_odp.01"/> within <insert type="param" id-ref="ma-06_odp.02"/> of failure.</p>
+        <link rel="depends-on" href="#ma-6_smt"/>
       </part>
       <part id="ma-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37651,8 +37651,8 @@
         </part>
         <part id="ma-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-06(01)"/>
-          <link rel="depends-on" href="#ma-6.1_smt"/>
           <p>preventive maintenance is performed on <insert type="param" id-ref="ma-06.01_odp.01"/> at <insert type="param" id-ref="ma-06.01_odp.02"/>.</p>
+          <link rel="depends-on" href="#ma-6.1_smt"/>
         </part>
         <part id="ma-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37717,8 +37717,8 @@
         </part>
         <part id="ma-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-06(02)"/>
-          <link rel="depends-on" href="#ma-6.2_smt"/>
           <p>predictive maintenance is performed on <insert type="param" id-ref="ma-06.02_odp.01"/> at <insert type="param" id-ref="ma-06.02_odp.02"/>.</p>
+          <link rel="depends-on" href="#ma-6.2_smt"/>
         </part>
         <part id="ma-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37775,8 +37775,8 @@
         </part>
         <part id="ma-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MA-06(03)"/>
-          <link rel="depends-on" href="#ma-6.3_smt"/>
           <p>predictive maintenance data is transferred to a maintenance management system using <insert type="param" id-ref="ma-06.03_odp"/>.</p>
+          <link rel="depends-on" href="#ma-6.3_smt"/>
         </part>
         <part id="ma-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -37844,8 +37844,8 @@
       </part>
       <part id="ma-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MA-07"/>
-        <link rel="depends-on" href="#ma-7_smt"/>
         <p>field maintenance on <insert type="param" id-ref="ma-07_odp.01"/> are restricted or prohibited to <insert type="param" id-ref="ma-07_odp.02"/>.</p>
+        <link rel="depends-on" href="#ma-7_smt"/>
       </part>
       <part id="ma-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38010,116 +38010,116 @@
       </part>
       <part id="mp-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-01"/>
-        <link rel="depends-on" href="#mp-1_smt"/>
         <part id="mp-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-01a."/>
-          <link rel="depends-on" href="#mp-1_smt.a"/>
           <part id="mp-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-01a.[01]"/>
-            <link rel="depends-on" href="#mp-1_smt.a"/>
             <p>a media protection policy is developed and documented;</p>
+            <link rel="depends-on" href="#mp-1_smt.a"/>
           </part>
           <part id="mp-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-01a.[02]"/>
-            <link rel="depends-on" href="#mp-1_smt.a"/>
             <p>the media protection policy is disseminated to <insert type="param" id-ref="mp-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#mp-1_smt.a"/>
           </part>
           <part id="mp-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-01a.[03]"/>
-            <link rel="depends-on" href="#mp-1_smt.a"/>
             <p>media protection procedures to facilitate the implementation of the media protection policy and associated media protection controls are developed and documented;</p>
+            <link rel="depends-on" href="#mp-1_smt.a"/>
           </part>
           <part id="mp-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-01a.[04]"/>
-            <link rel="depends-on" href="#mp-1_smt.a"/>
             <p>the media protection procedures are disseminated to <insert type="param" id-ref="mp-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#mp-1_smt.a"/>
           </part>
           <part id="mp-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-01a.01"/>
-            <link rel="depends-on" href="#mp-1_smt.a.1"/>
             <part id="mp-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MP-01a.01(a)"/>
-              <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               <part id="mp-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MP-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="mp-01_odp.03"/> media protection policy addresses purpose;</p>
+                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               </part>
               <part id="mp-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MP-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="mp-01_odp.03"/> media protection policy addresses scope;</p>
+                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               </part>
               <part id="mp-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MP-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="mp-01_odp.03"/> media protection policy addresses roles;</p>
+                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               </part>
               <part id="mp-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MP-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="mp-01_odp.03"/> media protection policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               </part>
               <part id="mp-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MP-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="mp-01_odp.03"/> media protection policy addresses management commitment;</p>
+                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               </part>
               <part id="mp-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MP-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="mp-01_odp.03"/> media protection policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               </part>
               <part id="mp-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="MP-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="mp-01_odp.03"/> media protection policy compliance;</p>
+                <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#mp-1_smt.a.1.a"/>
             </part>
             <part id="mp-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MP-01a.01(b)"/>
-              <link rel="depends-on" href="#mp-1_smt.a.1.b"/>
               <p>the media protection policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#mp-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#mp-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#mp-1_smt.a"/>
         </part>
         <part id="mp-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-01b."/>
-          <link rel="depends-on" href="#mp-1_smt.b"/>
           <p>the <insert type="param" id-ref="mp-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the media protection policy and procedures.</p>
+          <link rel="depends-on" href="#mp-1_smt.b"/>
         </part>
         <part id="mp-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-01c."/>
-          <link rel="depends-on" href="#mp-1_smt.c"/>
           <part id="mp-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-01c.01"/>
-            <link rel="depends-on" href="#mp-1_smt.c.1"/>
             <part id="mp-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MP-01c.01[01]"/>
-              <link rel="depends-on" href="#mp-1_smt.c.1"/>
               <p>the current media protection policy is reviewed and updated <insert type="param" id-ref="mp-01_odp.05"/>; </p>
+              <link rel="depends-on" href="#mp-1_smt.c.1"/>
             </part>
             <part id="mp-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MP-01c.01[02]"/>
-              <link rel="depends-on" href="#mp-1_smt.c.1"/>
               <p>the current media protection policy is reviewed and updated following <insert type="param" id-ref="mp-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#mp-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#mp-1_smt.c.1"/>
           </part>
           <part id="mp-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-01c.02"/>
-            <link rel="depends-on" href="#mp-1_smt.c.2"/>
             <part id="mp-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MP-01c.02[01]"/>
-              <link rel="depends-on" href="#mp-1_smt.c.2"/>
               <p>the current media protection procedures are reviewed and updated <insert type="param" id-ref="mp-01_odp.07"/>; </p>
+              <link rel="depends-on" href="#mp-1_smt.c.2"/>
             </part>
             <part id="mp-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="MP-01c.02[02]"/>
-              <link rel="depends-on" href="#mp-1_smt.c.2"/>
               <p>the current media protection procedures are reviewed and updated following <insert type="param" id-ref="mp-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#mp-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#mp-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#mp-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#mp-1_smt"/>
       </part>
       <part id="mp-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38210,17 +38210,17 @@
       </part>
       <part id="mp-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-02"/>
-        <link rel="depends-on" href="#mp-2_smt"/>
         <part id="mp-2_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-02[01]"/>
-          <link rel="depends-on" href="#mp-2_smt"/>
           <p>access to <insert type="param" id-ref="mp-02_odp.01"/> is restricted to <insert type="param" id-ref="mp-02_odp.02"/>;</p>
+          <link rel="depends-on" href="#mp-2_smt"/>
         </part>
         <part id="mp-2_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-02[02]"/>
-          <link rel="depends-on" href="#mp-2_smt"/>
           <p>access to <insert type="param" id-ref="mp-02_odp.03"/> is restricted to <insert type="param" id-ref="mp-02_odp.04"/>.</p>
+          <link rel="depends-on" href="#mp-2_smt"/>
         </part>
+        <link rel="depends-on" href="#mp-2_smt"/>
       </part>
       <part id="mp-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38316,17 +38316,17 @@
       </part>
       <part id="mp-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-03"/>
-        <link rel="depends-on" href="#mp-3_smt"/>
         <part id="mp-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-03a."/>
-          <link rel="depends-on" href="#mp-3_smt.a"/>
           <p>system media is marked to indicate distribution limitations, handling caveats, and applicable security markings (if any) of the information;</p>
+          <link rel="depends-on" href="#mp-3_smt.a"/>
         </part>
         <part id="mp-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-03b."/>
-          <link rel="depends-on" href="#mp-3_smt.b"/>
           <p><insert type="param" id-ref="mp-03_odp.01"/> remain within <insert type="param" id-ref="mp-03_odp.02"/>.</p>
+          <link rel="depends-on" href="#mp-3_smt.b"/>
         </part>
+        <link rel="depends-on" href="#mp-3_smt"/>
       </part>
       <part id="mp-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38455,36 +38455,36 @@
       </part>
       <part id="mp-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-04"/>
-        <link rel="depends-on" href="#mp-4_smt"/>
         <part id="mp-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-04a."/>
-          <link rel="depends-on" href="#mp-4_smt.a"/>
           <part id="mp-4_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-04a.[01]"/>
-            <link rel="depends-on" href="#mp-4_smt.a"/>
             <p><insert type="param" id-ref="mp-04_odp.01"/> are physically controlled;</p>
+            <link rel="depends-on" href="#mp-4_smt.a"/>
           </part>
           <part id="mp-4_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-04a.[02]"/>
-            <link rel="depends-on" href="#mp-4_smt.a"/>
             <p><insert type="param" id-ref="mp-04_odp.02"/> are physically controlled;</p>
+            <link rel="depends-on" href="#mp-4_smt.a"/>
           </part>
           <part id="mp-4_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-04a.[03]"/>
-            <link rel="depends-on" href="#mp-4_smt.a"/>
             <p><insert type="param" id-ref="mp-04_odp.03"/> are securely stored within <insert type="param" id-ref="mp-04_odp.05"/>;</p>
+            <link rel="depends-on" href="#mp-4_smt.a"/>
           </part>
           <part id="mp-4_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-04a.[04]"/>
-            <link rel="depends-on" href="#mp-4_smt.a"/>
             <p><insert type="param" id-ref="mp-04_odp.04"/> are securely stored within <insert type="param" id-ref="mp-04_odp.06"/>;</p>
+            <link rel="depends-on" href="#mp-4_smt.a"/>
           </part>
+          <link rel="depends-on" href="#mp-4_smt.a"/>
         </part>
         <part id="mp-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-04b."/>
-          <link rel="depends-on" href="#mp-4_smt.b"/>
           <p>system media types (defined in MP-04_ODP[01], MP-04_ODP[02], MP-04_ODP[03], MP-04_ODP[04]) are protected until the media are destroyed or sanitized using approved equipment, techniques, and procedures.</p>
+          <link rel="depends-on" href="#mp-4_smt.b"/>
         </part>
+        <link rel="depends-on" href="#mp-4_smt"/>
       </part>
       <part id="mp-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38572,22 +38572,22 @@
         </part>
         <part id="mp-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-04(02)"/>
-          <link rel="depends-on" href="#mp-4.2_smt"/>
           <part id="mp-4.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-04(02)[01]"/>
-            <link rel="depends-on" href="#mp-4.2_smt"/>
             <p>access to media storage areas is restricted using <insert type="param" id-ref="mp-04.02_odp.01"/>;</p>
+            <link rel="depends-on" href="#mp-4.2_smt"/>
           </part>
           <part id="mp-4.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-04(02)[02]"/>
-            <link rel="depends-on" href="#mp-4.2_smt"/>
             <p>access attempts to media storage areas are logged using <insert type="param" id-ref="mp-04.02_odp.02"/>;</p>
+            <link rel="depends-on" href="#mp-4.2_smt"/>
           </part>
           <part id="mp-4.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-04(02)[03]"/>
-            <link rel="depends-on" href="#mp-4.2_smt"/>
             <p>access granted to media storage areas is logged using <insert type="param" id-ref="mp-04.02_odp.03"/>.</p>
+            <link rel="depends-on" href="#mp-4.2_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-4.2_smt"/>
         </part>
         <part id="mp-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38697,45 +38697,45 @@
       </part>
       <part id="mp-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-05"/>
-        <link rel="depends-on" href="#mp-5_smt"/>
         <part id="mp-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-05a."/>
-          <link rel="depends-on" href="#mp-5_smt.a"/>
           <part id="mp-5_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-05a.[01]"/>
-            <link rel="depends-on" href="#mp-5_smt.a"/>
             <p><insert type="param" id-ref="mp-05_odp.01"/> are protected during transport outside of controlled areas using <insert type="param" id-ref="mp-05_odp.02"/>;</p>
+            <link rel="depends-on" href="#mp-5_smt.a"/>
           </part>
           <part id="mp-5_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-05a.[02]"/>
-            <link rel="depends-on" href="#mp-5_smt.a"/>
             <p><insert type="param" id-ref="mp-05_odp.01"/> are controlled during transport outside of controlled areas using <insert type="param" id-ref="mp-05_odp.03"/>;</p>
+            <link rel="depends-on" href="#mp-5_smt.a"/>
           </part>
+          <link rel="depends-on" href="#mp-5_smt.a"/>
         </part>
         <part id="mp-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-05b."/>
-          <link rel="depends-on" href="#mp-5_smt.b"/>
           <p>accountability for system media is maintained during transport outside of controlled areas;</p>
+          <link rel="depends-on" href="#mp-5_smt.b"/>
         </part>
         <part id="mp-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-05c."/>
-          <link rel="depends-on" href="#mp-5_smt.c"/>
           <p>activities associated with the transport of system media are documented;</p>
+          <link rel="depends-on" href="#mp-5_smt.c"/>
         </part>
         <part id="mp-5_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-05d."/>
-          <link rel="depends-on" href="#mp-5_smt.d"/>
           <part id="mp-5_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-05d.[01]"/>
-            <link rel="depends-on" href="#mp-5_smt.d"/>
             <p>personnel authorized to conduct media transport activities is/are identified;</p>
+            <link rel="depends-on" href="#mp-5_smt.d"/>
           </part>
           <part id="mp-5_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-05d.[02]"/>
-            <link rel="depends-on" href="#mp-5_smt.d"/>
             <p>activities associated with the transport of system media are restricted to identified authorized personnel.</p>
+            <link rel="depends-on" href="#mp-5_smt.d"/>
           </part>
+          <link rel="depends-on" href="#mp-5_smt.d"/>
         </part>
+        <link rel="depends-on" href="#mp-5_smt"/>
       </part>
       <part id="mp-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38800,17 +38800,17 @@
         </part>
         <part id="mp-5.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-05(03)"/>
-          <link rel="depends-on" href="#mp-5.3_smt"/>
           <part id="mp-5.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-05(03)[01]"/>
-            <link rel="depends-on" href="#mp-5.3_smt"/>
             <p>a custodian to transport system media outside of controlled areas is identified;</p>
+            <link rel="depends-on" href="#mp-5.3_smt"/>
           </part>
           <part id="mp-5.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-05(03)[02]"/>
-            <link rel="depends-on" href="#mp-5.3_smt"/>
             <p>the identified custodian is employed during the transport of system media outside of controlled areas.</p>
+            <link rel="depends-on" href="#mp-5.3_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-5.3_smt"/>
         </part>
         <part id="mp-5.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -38947,31 +38947,31 @@
       </part>
       <part id="mp-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-06"/>
-        <link rel="depends-on" href="#mp-6_smt"/>
         <part id="mp-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-06a."/>
-          <link rel="depends-on" href="#mp-6_smt.a"/>
           <part id="mp-6_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06a.[01]"/>
-            <link rel="depends-on" href="#mp-6_smt.a"/>
             <p><insert type="param" id-ref="mp-06_odp.01"/> is sanitized using <insert type="param" id-ref="mp-06_odp.04"/> prior to disposal;</p>
+            <link rel="depends-on" href="#mp-6_smt.a"/>
           </part>
           <part id="mp-6_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06a.[02]"/>
-            <link rel="depends-on" href="#mp-6_smt.a"/>
             <p><insert type="param" id-ref="mp-06_odp.02"/> is sanitized using <insert type="param" id-ref="mp-06_odp.05"/> prior to release from organizational control;</p>
+            <link rel="depends-on" href="#mp-6_smt.a"/>
           </part>
           <part id="mp-6_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06a.[03]"/>
-            <link rel="depends-on" href="#mp-6_smt.a"/>
             <p><insert type="param" id-ref="mp-06_odp.03"/> is sanitized using <insert type="param" id-ref="mp-06_odp.06"/> prior to release for reuse;</p>
+            <link rel="depends-on" href="#mp-6_smt.a"/>
           </part>
+          <link rel="depends-on" href="#mp-6_smt.a"/>
         </part>
         <part id="mp-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-06b."/>
-          <link rel="depends-on" href="#mp-6_smt.b"/>
           <p>sanitization mechanisms with strength and integrity commensurate with the security category or classification of the information are employed.</p>
+          <link rel="depends-on" href="#mp-6_smt.b"/>
         </part>
+        <link rel="depends-on" href="#mp-6_smt"/>
       </part>
       <part id="mp-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39024,32 +39024,32 @@
         </part>
         <part id="mp-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-06(01)"/>
-          <link rel="depends-on" href="#mp-6.1_smt"/>
           <part id="mp-6.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06(01)[01]"/>
-            <link rel="depends-on" href="#mp-6.1_smt"/>
             <p>media sanitization and disposal actions are reviewed;</p>
+            <link rel="depends-on" href="#mp-6.1_smt"/>
           </part>
           <part id="mp-6.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06(01)[02]"/>
-            <link rel="depends-on" href="#mp-6.1_smt"/>
             <p>media sanitization and disposal actions are approved;</p>
+            <link rel="depends-on" href="#mp-6.1_smt"/>
           </part>
           <part id="mp-6.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06(01)[03]"/>
-            <link rel="depends-on" href="#mp-6.1_smt"/>
             <p>media sanitization and disposal actions are tracked;</p>
+            <link rel="depends-on" href="#mp-6.1_smt"/>
           </part>
           <part id="mp-6.1_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06(01)[04]"/>
-            <link rel="depends-on" href="#mp-6.1_smt"/>
             <p>media sanitization and disposal actions are documented;</p>
+            <link rel="depends-on" href="#mp-6.1_smt"/>
           </part>
           <part id="mp-6.1_obj-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06(01)[05]"/>
-            <link rel="depends-on" href="#mp-6.1_smt"/>
             <p>media sanitization and disposal actions are verified.</p>
+            <link rel="depends-on" href="#mp-6.1_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-6.1_smt"/>
         </part>
         <part id="mp-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39124,17 +39124,17 @@
         </part>
         <part id="mp-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-06(02)"/>
-          <link rel="depends-on" href="#mp-6.2_smt"/>
           <part id="mp-6.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06(02)[01]"/>
-            <link rel="depends-on" href="#mp-6.2_smt"/>
             <p>sanitization equipment is tested <insert type="param" id-ref="mp-06.02_odp.01"/> to ensure that the intended sanitization is being achieved;</p>
+            <link rel="depends-on" href="#mp-6.2_smt"/>
           </part>
           <part id="mp-6.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-06(02)[02]"/>
-            <link rel="depends-on" href="#mp-6.2_smt"/>
             <p>sanitization procedures are tested <insert type="param" id-ref="mp-06.02_odp.02"/> to ensure that the intended sanitization is being achieved.</p>
+            <link rel="depends-on" href="#mp-6.2_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-6.2_smt"/>
         </part>
         <part id="mp-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39196,8 +39196,8 @@
         </part>
         <part id="mp-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-06(03)"/>
-          <link rel="depends-on" href="#mp-6.3_smt"/>
           <p>non-destructive sanitization techniques are applied to portable storage devices prior to connecting such devices to the system under <insert type="param" id-ref="mp-06.03_odp"/>.</p>
+          <link rel="depends-on" href="#mp-6.3_smt"/>
         </part>
         <part id="mp-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39279,8 +39279,8 @@
         </part>
         <part id="mp-6.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-06(07)"/>
-          <link rel="depends-on" href="#mp-6.7_smt"/>
           <p>dual authorization for sanitization of <insert type="param" id-ref="mp-06.07_odp"/> is enforced.</p>
+          <link rel="depends-on" href="#mp-6.7_smt"/>
         </part>
         <part id="mp-6.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39355,8 +39355,8 @@
         </part>
         <part id="mp-6.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-06(08)"/>
-          <link rel="depends-on" href="#mp-6.8_smt"/>
           <p>the capability to purge or wipe information from <insert type="param" id-ref="mp-06.08_odp.01"/> <insert type="param" id-ref="mp-06.08_odp.02"/> is provided.</p>
+          <link rel="depends-on" href="#mp-6.8_smt"/>
         </part>
         <part id="mp-6.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39453,17 +39453,17 @@
       </part>
       <part id="mp-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-07"/>
-        <link rel="depends-on" href="#mp-7_smt"/>
         <part id="mp-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-07a."/>
-          <link rel="depends-on" href="#mp-7_smt.a"/>
           <p>the use of <insert type="param" id-ref="mp-07_odp.01"/> is <insert type="param" id-ref="mp-07_odp.02"/> on <insert type="param" id-ref="mp-07_odp.03"/> using <insert type="param" id-ref="mp-07_odp.04"/>;</p>
+          <link rel="depends-on" href="#mp-7_smt.a"/>
         </part>
         <part id="mp-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-07b."/>
-          <link rel="depends-on" href="#mp-7_smt.b"/>
           <p>the use of portable storage devices in organizational systems is prohibited when such devices have no identifiable owner.</p>
+          <link rel="depends-on" href="#mp-7_smt.b"/>
         </part>
+        <link rel="depends-on" href="#mp-7_smt"/>
       </part>
       <part id="mp-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39521,17 +39521,17 @@
         </part>
         <part id="mp-7.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-07(02)"/>
-          <link rel="depends-on" href="#mp-7.2_smt"/>
           <part id="mp-7.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-07(02)[01]"/>
-            <link rel="depends-on" href="#mp-7.2_smt"/>
             <p>sanitization-resistant media is identified;</p>
+            <link rel="depends-on" href="#mp-7.2_smt"/>
           </part>
           <part id="mp-7.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-07(02)[02]"/>
-            <link rel="depends-on" href="#mp-7.2_smt"/>
             <p>the use of sanitization-resistant media in organizational systems is prohibited.</p>
+            <link rel="depends-on" href="#mp-7.2_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-7.2_smt"/>
         </part>
         <part id="mp-7.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39612,45 +39612,45 @@
       </part>
       <part id="mp-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="MP-08"/>
-        <link rel="depends-on" href="#mp-8_smt"/>
         <part id="mp-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08a."/>
-          <link rel="depends-on" href="#mp-8_smt.a"/>
           <part id="mp-8_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08a.[01]"/>
-            <link rel="depends-on" href="#mp-8_smt.a"/>
             <p>a <insert type="param" id-ref="mp-08_odp.01"/> is established;</p>
+            <link rel="depends-on" href="#mp-8_smt.a"/>
           </part>
           <part id="mp-8_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08a.[02]"/>
-            <link rel="depends-on" href="#mp-8_smt.a"/>
             <p>the <insert type="param" id-ref="mp-08_odp.01"/> includes employing downgrading mechanisms with strength and integrity commensurate with the security category or classification of the information;</p>
+            <link rel="depends-on" href="#mp-8_smt.a"/>
           </part>
+          <link rel="depends-on" href="#mp-8_smt.a"/>
         </part>
         <part id="mp-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08b."/>
-          <link rel="depends-on" href="#mp-8_smt.b"/>
           <part id="mp-8_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08b.[01]"/>
-            <link rel="depends-on" href="#mp-8_smt.b"/>
             <p>there is verification that the system media downgrading process is commensurate with the security category and/or classification level of the information to be removed;</p>
+            <link rel="depends-on" href="#mp-8_smt.b"/>
           </part>
           <part id="mp-8_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08b.[02]"/>
-            <link rel="depends-on" href="#mp-8_smt.b"/>
             <p>there is verification that the system media downgrading process is commensurate with the access authorizations of the potential recipients of the downgraded information;</p>
+            <link rel="depends-on" href="#mp-8_smt.b"/>
           </part>
+          <link rel="depends-on" href="#mp-8_smt.b"/>
         </part>
         <part id="mp-8_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08c."/>
-          <link rel="depends-on" href="#mp-8_smt.c"/>
           <p><insert type="param" id-ref="mp-08_odp.02"/> is identified;</p>
+          <link rel="depends-on" href="#mp-8_smt.c"/>
         </part>
         <part id="mp-8_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08d."/>
-          <link rel="depends-on" href="#mp-8_smt.d"/>
           <p>the identified system media is downgraded using the <insert type="param" id-ref="mp-08_odp.01"/>.</p>
+          <link rel="depends-on" href="#mp-8_smt.d"/>
         </part>
+        <link rel="depends-on" href="#mp-8_smt"/>
       </part>
       <part id="mp-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39698,8 +39698,8 @@
         </part>
         <part id="mp-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08(01)"/>
-          <link rel="depends-on" href="#mp-8.1_smt"/>
           <p>system media downgrading actions are documented.</p>
+          <link rel="depends-on" href="#mp-8.1_smt"/>
         </part>
         <part id="mp-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39767,17 +39767,17 @@
         </part>
         <part id="mp-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08(02)"/>
-          <link rel="depends-on" href="#mp-8.2_smt"/>
           <part id="mp-8.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08(02)[01]"/>
-            <link rel="depends-on" href="#mp-8.2_smt"/>
             <p>downgrading equipment is tested <insert type="param" id-ref="mp-08.02_odp.01"/> to ensure that downgrading actions are being achieved;</p>
+            <link rel="depends-on" href="#mp-8.2_smt"/>
           </part>
           <part id="mp-8.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08(02)[02]"/>
-            <link rel="depends-on" href="#mp-8.2_smt"/>
             <p>downgrading procedures are tested <insert type="param" id-ref="mp-08.02_odp.02"/> to ensure that downgrading actions are being achieved.</p>
+            <link rel="depends-on" href="#mp-8.2_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-8.2_smt"/>
         </part>
         <part id="mp-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39825,17 +39825,17 @@
         </part>
         <part id="mp-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08(03)"/>
-          <link rel="depends-on" href="#mp-8.3_smt"/>
           <part id="mp-8.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08(03)[01]"/>
-            <link rel="depends-on" href="#mp-8.3_smt"/>
             <p>system media containing controlled unclassified information is identified;</p>
+            <link rel="depends-on" href="#mp-8.3_smt"/>
           </part>
           <part id="mp-8.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08(03)[02]"/>
-            <link rel="depends-on" href="#mp-8.3_smt"/>
             <p>system media containing controlled unclassified information is downgraded prior to public release.</p>
+            <link rel="depends-on" href="#mp-8.3_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-8.3_smt"/>
         </part>
         <part id="mp-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -39882,17 +39882,17 @@
         </part>
         <part id="mp-8.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="MP-08(04)"/>
-          <link rel="depends-on" href="#mp-8.4_smt"/>
           <part id="mp-8.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08(04)[01]"/>
-            <link rel="depends-on" href="#mp-8.4_smt"/>
             <p>system media containing classified information is identified;</p>
+            <link rel="depends-on" href="#mp-8.4_smt"/>
           </part>
           <part id="mp-8.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="MP-08(04)[02]"/>
-            <link rel="depends-on" href="#mp-8.4_smt"/>
             <p>system media containing classified information is downgraded prior to release to individuals without required access authorizations.</p>
+            <link rel="depends-on" href="#mp-8.4_smt"/>
           </part>
+          <link rel="depends-on" href="#mp-8.4_smt"/>
         </part>
         <part id="mp-8.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40055,116 +40055,116 @@
       </part>
       <part id="pe-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-01"/>
-        <link rel="depends-on" href="#pe-1_smt"/>
         <part id="pe-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-01a."/>
-          <link rel="depends-on" href="#pe-1_smt.a"/>
           <part id="pe-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-01a.[01]"/>
-            <link rel="depends-on" href="#pe-1_smt.a"/>
             <p>a physical and environmental protection policy is developed and documented;</p>
+            <link rel="depends-on" href="#pe-1_smt.a"/>
           </part>
           <part id="pe-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-01a.[02]"/>
-            <link rel="depends-on" href="#pe-1_smt.a"/>
             <p>the physical and environmental protection policy is disseminated to <insert type="param" id-ref="pe-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#pe-1_smt.a"/>
           </part>
           <part id="pe-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-01a.[03]"/>
-            <link rel="depends-on" href="#pe-1_smt.a"/>
             <p>physical and environmental protection procedures to facilitate the implementation of the physical and environmental protection policy and associated physical and environmental protection controls are developed and documented;</p>
+            <link rel="depends-on" href="#pe-1_smt.a"/>
           </part>
           <part id="pe-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-01a.[04]"/>
-            <link rel="depends-on" href="#pe-1_smt.a"/>
             <p>the physical and environmental protection procedures are disseminated to <insert type="param" id-ref="pe-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#pe-1_smt.a"/>
           </part>
           <part id="pe-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-01a.01"/>
-            <link rel="depends-on" href="#pe-1_smt.a.1"/>
             <part id="pe-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-01a.01(a)"/>
-              <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               <part id="pe-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PE-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy addresses purpose;</p>
+                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               </part>
               <part id="pe-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PE-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy addresses scope;</p>
+                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               </part>
               <part id="pe-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PE-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy addresses roles;</p>
+                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               </part>
               <part id="pe-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PE-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               </part>
               <part id="pe-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PE-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy addresses management commitment;</p>
+                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               </part>
               <part id="pe-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PE-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               </part>
               <part id="pe-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PE-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy addresses compliance;</p>
+                <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#pe-1_smt.a.1.a"/>
             </part>
             <part id="pe-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-01a.01(b)"/>
-              <link rel="depends-on" href="#pe-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="pe-01_odp.03"/> physical and environmental protection policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#pe-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#pe-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#pe-1_smt.a"/>
         </part>
         <part id="pe-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-01b."/>
-          <link rel="depends-on" href="#pe-1_smt.b"/>
           <p>the <insert type="param" id-ref="pe-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the physical and environmental protection policy and procedures;</p>
+          <link rel="depends-on" href="#pe-1_smt.b"/>
         </part>
         <part id="pe-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-01c."/>
-          <link rel="depends-on" href="#pe-1_smt.c"/>
           <part id="pe-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-01c.01"/>
-            <link rel="depends-on" href="#pe-1_smt.c.1"/>
             <part id="pe-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-01c.01[01]"/>
-              <link rel="depends-on" href="#pe-1_smt.c.1"/>
               <p>the current physical and environmental protection policy is reviewed and updated <insert type="param" id-ref="pe-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#pe-1_smt.c.1"/>
             </part>
             <part id="pe-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-01c.01[02]"/>
-              <link rel="depends-on" href="#pe-1_smt.c.1"/>
               <p>the current physical and environmental protection policy is reviewed and updated following <insert type="param" id-ref="pe-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#pe-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#pe-1_smt.c.1"/>
           </part>
           <part id="pe-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-01c.02"/>
-            <link rel="depends-on" href="#pe-1_smt.c.2"/>
             <part id="pe-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-01c.02[01]"/>
-              <link rel="depends-on" href="#pe-1_smt.c.2"/>
               <p>the current physical and environmental protection procedures are reviewed and updated <insert type="param" id-ref="pe-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#pe-1_smt.c.2"/>
             </part>
             <part id="pe-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-01c.02[02]"/>
-              <link rel="depends-on" href="#pe-1_smt.c.2"/>
               <p>the current physical and environmental protection procedures are reviewed and updated following <insert type="param" id-ref="pe-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#pe-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#pe-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#pe-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pe-1_smt"/>
       </part>
       <part id="pe-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40241,41 +40241,41 @@
       </part>
       <part id="pe-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-02"/>
-        <link rel="depends-on" href="#pe-2_smt"/>
         <part id="pe-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-02a."/>
-          <link rel="depends-on" href="#pe-2_smt.a"/>
           <part id="pe-2_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-02a.[01]"/>
-            <link rel="depends-on" href="#pe-2_smt.a"/>
             <p>a list of individuals with authorized access to the facility where the system resides has been developed;</p>
+            <link rel="depends-on" href="#pe-2_smt.a"/>
           </part>
           <part id="pe-2_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-02a.[02]"/>
-            <link rel="depends-on" href="#pe-2_smt.a"/>
             <p>the list of individuals with authorized access to the facility where the system resides has been approved;</p>
+            <link rel="depends-on" href="#pe-2_smt.a"/>
           </part>
           <part id="pe-2_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-02a.[03]"/>
-            <link rel="depends-on" href="#pe-2_smt.a"/>
             <p>the list of individuals with authorized access to the facility where the system resides has been maintained;</p>
+            <link rel="depends-on" href="#pe-2_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pe-2_smt.a"/>
         </part>
         <part id="pe-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-02b."/>
-          <link rel="depends-on" href="#pe-2_smt.b"/>
           <p>authorization credentials are issued for facility access;</p>
+          <link rel="depends-on" href="#pe-2_smt.b"/>
         </part>
         <part id="pe-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-02c."/>
-          <link rel="depends-on" href="#pe-2_smt.c"/>
           <p>the access list detailing authorized facility access by individuals is reviewed <insert type="param" id-ref="pe-02_odp"/>;</p>
+          <link rel="depends-on" href="#pe-2_smt.c"/>
         </part>
         <part id="pe-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-02d."/>
-          <link rel="depends-on" href="#pe-2_smt.d"/>
           <p>individuals are removed from the facility access list when access is no longer required.</p>
+          <link rel="depends-on" href="#pe-2_smt.d"/>
         </part>
+        <link rel="depends-on" href="#pe-2_smt"/>
       </part>
       <part id="pe-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40326,8 +40326,8 @@
         </part>
         <part id="pe-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-02(01)"/>
-          <link rel="depends-on" href="#pe-2.1_smt"/>
           <p>physical access to the facility where the system resides is authorized based on position or role.</p>
+          <link rel="depends-on" href="#pe-2.1_smt"/>
         </part>
         <part id="pe-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40386,8 +40386,8 @@
         </part>
         <part id="pe-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-02(02)"/>
-          <link rel="depends-on" href="#pe-2.2_smt"/>
           <p>two forms of identification are required from <insert type="param" id-ref="pe-02.02_odp"/> for visitor access to the facility where the system resides.</p>
+          <link rel="depends-on" href="#pe-2.2_smt"/>
         </part>
         <part id="pe-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40456,8 +40456,8 @@
         </part>
         <part id="pe-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-02(03)"/>
-          <link rel="depends-on" href="#pe-2.3_smt"/>
           <p>unescorted access to the facility where the system resides is restricted to personnel with <insert type="param" id-ref="pe-02.03_odp.01"/>.</p>
+          <link rel="depends-on" href="#pe-2.3_smt"/>
         </part>
         <part id="pe-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40656,83 +40656,83 @@
       </part>
       <part id="pe-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-03"/>
-        <link rel="depends-on" href="#pe-3_smt"/>
         <part id="pe-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03a."/>
-          <link rel="depends-on" href="#pe-3_smt.a"/>
           <part id="pe-3_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03a.01"/>
-            <link rel="depends-on" href="#pe-3_smt.a.1"/>
             <p>physical access authorizations are enforced at <insert type="param" id-ref="pe-03_odp.01"/> by verifying individual access authorizations before granting access to the facility;</p>
+            <link rel="depends-on" href="#pe-3_smt.a.1"/>
           </part>
           <part id="pe-3_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03a.02"/>
-            <link rel="depends-on" href="#pe-3_smt.a.2"/>
             <p>physical access authorizations are enforced at <insert type="param" id-ref="pe-03_odp.01"/> by controlling ingress and egress to the facility using <insert type="param" id-ref="pe-03_odp.02"/>;</p>
+            <link rel="depends-on" href="#pe-3_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#pe-3_smt.a"/>
         </part>
         <part id="pe-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03b."/>
-          <link rel="depends-on" href="#pe-3_smt.b"/>
           <p>physical access audit logs are maintained for <insert type="param" id-ref="pe-03_odp.04"/>;</p>
+          <link rel="depends-on" href="#pe-3_smt.b"/>
         </part>
         <part id="pe-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03c."/>
-          <link rel="depends-on" href="#pe-3_smt.c"/>
           <p>access to areas within the facility designated as publicly accessible are maintained by implementing <insert type="param" id-ref="pe-03_odp.05"/>;</p>
+          <link rel="depends-on" href="#pe-3_smt.c"/>
         </part>
         <part id="pe-3_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03d."/>
-          <link rel="depends-on" href="#pe-3_smt.d"/>
           <part id="pe-3_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03d.[01]"/>
-            <link rel="depends-on" href="#pe-3_smt.d"/>
             <p>visitors are escorted;</p>
+            <link rel="depends-on" href="#pe-3_smt.d"/>
           </part>
           <part id="pe-3_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03d.[02]"/>
-            <link rel="depends-on" href="#pe-3_smt.d"/>
             <p>visitor activity is controlled <insert type="param" id-ref="pe-03_odp.06"/>;</p>
+            <link rel="depends-on" href="#pe-3_smt.d"/>
           </part>
+          <link rel="depends-on" href="#pe-3_smt.d"/>
         </part>
         <part id="pe-3_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03e."/>
-          <link rel="depends-on" href="#pe-3_smt.e"/>
           <part id="pe-3_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03e.[01]"/>
-            <link rel="depends-on" href="#pe-3_smt.e"/>
             <p>keys are secured;</p>
+            <link rel="depends-on" href="#pe-3_smt.e"/>
           </part>
           <part id="pe-3_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03e.[02]"/>
-            <link rel="depends-on" href="#pe-3_smt.e"/>
             <p>combinations are secured;</p>
+            <link rel="depends-on" href="#pe-3_smt.e"/>
           </part>
           <part id="pe-3_obj.e-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03e.[03]"/>
-            <link rel="depends-on" href="#pe-3_smt.e"/>
             <p>other physical access devices are secured;</p>
+            <link rel="depends-on" href="#pe-3_smt.e"/>
           </part>
+          <link rel="depends-on" href="#pe-3_smt.e"/>
         </part>
         <part id="pe-3_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03f."/>
-          <link rel="depends-on" href="#pe-3_smt.f"/>
           <p><insert type="param" id-ref="pe-03_odp.07"/> are inventoried <insert type="param" id-ref="pe-03_odp.08"/>;</p>
+          <link rel="depends-on" href="#pe-3_smt.f"/>
         </part>
         <part id="pe-3_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03g."/>
-          <link rel="depends-on" href="#pe-3_smt.g"/>
           <part id="pe-3_obj.g-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03g.[01]"/>
-            <link rel="depends-on" href="#pe-3_smt.g"/>
             <p>combinations are changed <insert type="param" id-ref="pe-03_odp.09"/> , when combinations are compromised, or when individuals possessing the combinations are transferred or terminated;</p>
+            <link rel="depends-on" href="#pe-3_smt.g"/>
           </part>
           <part id="pe-3_obj.g-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03g.[02]"/>
-            <link rel="depends-on" href="#pe-3_smt.g"/>
             <p>keys are changed <insert type="param" id-ref="pe-03_odp.10"/> , when keys are lost, or when individuals possessing the keys are transferred or terminated.</p>
+            <link rel="depends-on" href="#pe-3_smt.g"/>
           </part>
+          <link rel="depends-on" href="#pe-3_smt.g"/>
         </part>
+        <link rel="depends-on" href="#pe-3_smt"/>
       </part>
       <part id="pe-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40792,17 +40792,17 @@
         </part>
         <part id="pe-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03(01)"/>
-          <link rel="depends-on" href="#pe-3.1_smt"/>
           <part id="pe-3.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03(01)[01]"/>
-            <link rel="depends-on" href="#pe-3.1_smt"/>
             <p>physical access authorizations to the system are enforced;</p>
+            <link rel="depends-on" href="#pe-3.1_smt"/>
           </part>
           <part id="pe-3.1_obj.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-03(01)[02]"/>
-            <link rel="depends-on" href="#pe-3.1_smt"/>
             <p>physical access controls are enforced for the facility at <insert type="param" id-ref="pe-03.01_odp"/>.</p>
+            <link rel="depends-on" href="#pe-3.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-3.1_smt"/>
         </part>
         <part id="pe-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40862,8 +40862,8 @@
         </part>
         <part id="pe-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03(02)"/>
-          <link rel="depends-on" href="#pe-3.2_smt"/>
           <p>security checks are performed <insert type="param" id-ref="pe-03.02_odp"/> at the physical perimeter of the facility or system for exfiltration of information or removal of system components.</p>
+          <link rel="depends-on" href="#pe-3.2_smt"/>
         </part>
         <part id="pe-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40925,8 +40925,8 @@
         </part>
         <part id="pe-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03(03)"/>
-          <link rel="depends-on" href="#pe-3.3_smt"/>
           <p>guards are employed to control <insert type="param" id-ref="pe-03.03_odp"/> to the facility where the system resides 24 hours per day, 7 days per week.</p>
+          <link rel="depends-on" href="#pe-3.3_smt"/>
         </part>
         <part id="pe-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -40983,8 +40983,8 @@
         </part>
         <part id="pe-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03(04)"/>
-          <link rel="depends-on" href="#pe-3.4_smt"/>
           <p>lockable physical casings are used to protect <insert type="param" id-ref="pe-03.04_odp"/> from unauthorized access.</p>
+          <link rel="depends-on" href="#pe-3.4_smt"/>
         </part>
         <part id="pe-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41056,8 +41056,8 @@
         </part>
         <part id="pe-3.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03(05)"/>
-          <link rel="depends-on" href="#pe-3.5_smt"/>
           <p><insert type="param" id-ref="pe-03.05_odp.01"/> are employed to <insert type="param" id-ref="pe-03.05_odp.02"/> physical tampering or alteration of <insert type="param" id-ref="pe-03.05_odp.03"/> within the system.</p>
+          <link rel="depends-on" href="#pe-3.5_smt"/>
         </part>
         <part id="pe-3.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41110,8 +41110,8 @@
         </part>
         <part id="pe-3.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03(07)"/>
-          <link rel="depends-on" href="#pe-3.7_smt"/>
           <p>physical barriers are used to limit access.</p>
+          <link rel="depends-on" href="#pe-3.7_smt"/>
         </part>
         <part id="pe-3.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41157,8 +41157,8 @@
         </part>
         <part id="pe-3.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-03(08)"/>
-          <link rel="depends-on" href="#pe-3.8_smt"/>
           <p>access control vestibules are employed at <insert type="param" id-ref="pe-03.08_odp"/>.</p>
+          <link rel="depends-on" href="#pe-3.8_smt"/>
         </part>
         <part id="pe-3.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41228,8 +41228,8 @@
       </part>
       <part id="pe-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-04"/>
-        <link rel="depends-on" href="#pe-4_smt"/>
         <p>physical access to <insert type="param" id-ref="pe-04_odp.01"/> within organizational facilities is controlled using <insert type="param" id-ref="pe-04_odp.02"/>.</p>
+        <link rel="depends-on" href="#pe-4_smt"/>
       </part>
       <part id="pe-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41288,8 +41288,8 @@
       </part>
       <part id="pe-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-05"/>
-        <link rel="depends-on" href="#pe-5_smt"/>
         <p>physical access to output from <insert type="param" id-ref="pe-05_odp"/> is controlled to prevent unauthorized individuals from obtaining the output.</p>
+        <link rel="depends-on" href="#pe-5_smt"/>
       </part>
       <part id="pe-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41344,8 +41344,8 @@
         </part>
         <part id="pe-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-05(02)"/>
-          <link rel="depends-on" href="#pe-5.2_smt"/>
           <p>individual identity is linked to the receipt of output from output devices.</p>
+          <link rel="depends-on" href="#pe-5.2_smt"/>
         </part>
         <part id="pe-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41444,40 +41444,40 @@
       </part>
       <part id="pe-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-06"/>
-        <link rel="depends-on" href="#pe-6_smt"/>
         <part id="pe-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-06a."/>
-          <link rel="depends-on" href="#pe-6_smt.a"/>
           <p>physical access to the facility where the system resides is monitored to detect and respond to physical security incidents;</p>
+          <link rel="depends-on" href="#pe-6_smt.a"/>
         </part>
         <part id="pe-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-06b."/>
-          <link rel="depends-on" href="#pe-6_smt.b"/>
           <part id="pe-6_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06b.[01]"/>
-            <link rel="depends-on" href="#pe-6_smt.b"/>
             <p>physical access logs are reviewed <insert type="param" id-ref="pe-06_odp.01"/>;</p>
+            <link rel="depends-on" href="#pe-6_smt.b"/>
           </part>
           <part id="pe-6_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06b.[02]"/>
-            <link rel="depends-on" href="#pe-6_smt.b"/>
             <p>physical access logs are reviewed upon occurrence of <insert type="param" id-ref="pe-06_odp.02"/>;</p>
+            <link rel="depends-on" href="#pe-6_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pe-6_smt.b"/>
         </part>
         <part id="pe-6_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-06c."/>
-          <link rel="depends-on" href="#pe-6_smt.c"/>
           <part id="pe-6_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06c.[01]"/>
-            <link rel="depends-on" href="#pe-6_smt.c"/>
             <p>results of reviews are coordinated with organizational incident response capabilities;</p>
+            <link rel="depends-on" href="#pe-6_smt.c"/>
           </part>
           <part id="pe-6_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06c.[02]"/>
-            <link rel="depends-on" href="#pe-6_smt.c"/>
             <p>results of investigations are coordinated with organizational incident response capabilities.</p>
+            <link rel="depends-on" href="#pe-6_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pe-6_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pe-6_smt"/>
       </part>
       <part id="pe-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41526,17 +41526,17 @@
         </part>
         <part id="pe-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-06(01)"/>
-          <link rel="depends-on" href="#pe-6.1_smt"/>
           <part id="pe-6.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06(01)[01]"/>
-            <link rel="depends-on" href="#pe-6.1_smt"/>
             <p>physical access to the facility where the system resides is monitored using physical intrusion alarms;</p>
+            <link rel="depends-on" href="#pe-6.1_smt"/>
           </part>
           <part id="pe-6.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06(01)[02]"/>
-            <link rel="depends-on" href="#pe-6.1_smt"/>
             <p>physical access to the facility where the system resides is monitored using physical surveillance equipment.</p>
+            <link rel="depends-on" href="#pe-6.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-6.1_smt"/>
         </part>
         <part id="pe-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41614,17 +41614,17 @@
         </part>
         <part id="pe-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-06(02)"/>
-          <link rel="depends-on" href="#pe-6.2_smt"/>
           <part id="pe-6.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06(02)[01]"/>
-            <link rel="depends-on" href="#pe-6.2_smt"/>
             <p><insert type="param" id-ref="pe-06.02_odp.01"/> are recognized;</p>
+            <link rel="depends-on" href="#pe-6.2_smt"/>
           </part>
           <part id="pe-6.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06(02)[02]"/>
-            <link rel="depends-on" href="#pe-6.2_smt"/>
             <p><insert type="param" id-ref="pe-06.02_odp.02"/> are initiated using <insert type="param" id-ref="pe-06.02_odp.03"/>.</p>
+            <link rel="depends-on" href="#pe-6.2_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-6.2_smt"/>
         </part>
         <part id="pe-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41710,22 +41710,22 @@
         </part>
         <part id="pe-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-06(03)"/>
-          <link rel="depends-on" href="#pe-6.3_smt"/>
           <part id="pe-6.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06(03)(a)"/>
-            <link rel="depends-on" href="#pe-6.3_smt.a"/>
             <p>video surveillance of <insert type="param" id-ref="pe-06.03_odp.01"/> is employed;</p>
+            <link rel="depends-on" href="#pe-6.3_smt.a"/>
           </part>
           <part id="pe-6.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06(03)(b)"/>
-            <link rel="depends-on" href="#pe-6.3_smt.b"/>
             <p>video recordings are reviewed <insert type="param" id-ref="pe-06.03_odp.02"/>;</p>
+            <link rel="depends-on" href="#pe-6.3_smt.b"/>
           </part>
           <part id="pe-6.3_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-06(03)(c)"/>
-            <link rel="depends-on" href="#pe-6.3_smt.c"/>
             <p>video recordings are retained for <insert type="param" id-ref="pe-06.03_odp.03"/>.</p>
+            <link rel="depends-on" href="#pe-6.3_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pe-6.3_smt"/>
         </part>
         <part id="pe-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41786,8 +41786,8 @@
         </part>
         <part id="pe-6.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-06(04)"/>
-          <link rel="depends-on" href="#pe-6.4_smt"/>
           <p>physical access to the system is monitored in addition to the physical access monitoring of the facility at <insert type="param" id-ref="pe-06.04_odp"/>.</p>
+          <link rel="depends-on" href="#pe-6.4_smt"/>
         </part>
         <part id="pe-6.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41887,22 +41887,22 @@
       </part>
       <part id="pe-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-08"/>
-        <link rel="depends-on" href="#pe-8_smt"/>
         <part id="pe-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-08a."/>
-          <link rel="depends-on" href="#pe-8_smt.a"/>
           <p>visitor access records for the facility where the system resides are maintained for <insert type="param" id-ref="pe-08_odp.01"/>;</p>
+          <link rel="depends-on" href="#pe-8_smt.a"/>
         </part>
         <part id="pe-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-08b."/>
-          <link rel="depends-on" href="#pe-8_smt.b"/>
           <p>visitor access records are reviewed <insert type="param" id-ref="pe-08_odp.02"/>;</p>
+          <link rel="depends-on" href="#pe-8_smt.b"/>
         </part>
         <part id="pe-8_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-08c."/>
-          <link rel="depends-on" href="#pe-8_smt.c"/>
           <p>visitor access records anomalies are reported to <insert type="param" id-ref="pe-08_odp.03"/>.</p>
+          <link rel="depends-on" href="#pe-8_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pe-8_smt"/>
       </part>
       <part id="pe-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -41969,17 +41969,17 @@
         </part>
         <part id="pe-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-08(01)"/>
-          <link rel="depends-on" href="#pe-8.1_smt"/>
           <part id="pe-8.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-08(01)[01]"/>
-            <link rel="depends-on" href="#pe-8.1_smt"/>
             <p>visitor access records are maintained using <insert type="param" id-ref="pe-08.01_odp.01"/>;</p>
+            <link rel="depends-on" href="#pe-8.1_smt"/>
           </part>
           <part id="pe-8.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-08(01)[02]"/>
-            <link rel="depends-on" href="#pe-8.1_smt"/>
             <p>visitor access records are reviewed using <insert type="param" id-ref="pe-08.01_odp.02"/>.</p>
+            <link rel="depends-on" href="#pe-8.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-8.1_smt"/>
         </part>
         <part id="pe-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42044,8 +42044,8 @@
         </part>
         <part id="pe-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-08(03)"/>
-          <link rel="depends-on" href="#pe-8.3_smt"/>
           <p>personally identifiable information contained in visitor access records is limited to <insert type="param" id-ref="pe-08.03_odp"/> identified in the privacy risk assessment.</p>
+          <link rel="depends-on" href="#pe-8.3_smt"/>
         </part>
         <part id="pe-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42094,17 +42094,17 @@
       </part>
       <part id="pe-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-09"/>
-        <link rel="depends-on" href="#pe-9_smt"/>
         <part id="pe-9_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-09[01]"/>
-          <link rel="depends-on" href="#pe-9_smt"/>
           <p>power equipment for the system is protected from damage and destruction;</p>
+          <link rel="depends-on" href="#pe-9_smt"/>
         </part>
         <part id="pe-9_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-09[02]"/>
-          <link rel="depends-on" href="#pe-9_smt"/>
           <p>power cabling for the system is protected from damage and destruction.</p>
+          <link rel="depends-on" href="#pe-9_smt"/>
         </part>
+        <link rel="depends-on" href="#pe-9_smt"/>
       </part>
       <part id="pe-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42155,8 +42155,8 @@
         </part>
         <part id="pe-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-09(01)"/>
-          <link rel="depends-on" href="#pe-9.1_smt"/>
           <p>redundant power cabling paths that are physically separated by <insert type="param" id-ref="pe-09.01_odp"/> are employed.</p>
+          <link rel="depends-on" href="#pe-9.1_smt"/>
         </part>
         <part id="pe-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42208,8 +42208,8 @@
         </part>
         <part id="pe-9.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-09(02)"/>
-          <link rel="depends-on" href="#pe-9.2_smt"/>
           <p>automatic voltage controls for <insert type="param" id-ref="pe-09.02_odp"/> are employed.</p>
+          <link rel="depends-on" href="#pe-9.2_smt"/>
         </part>
         <part id="pe-9.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42284,22 +42284,22 @@
       </part>
       <part id="pe-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-10"/>
-        <link rel="depends-on" href="#pe-10_smt"/>
         <part id="pe-10_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-10a."/>
-          <link rel="depends-on" href="#pe-10_smt.a"/>
           <p>the capability to shut off power to <insert type="param" id-ref="pe-10_odp.01"/> in emergency situations is provided;</p>
+          <link rel="depends-on" href="#pe-10_smt.a"/>
         </part>
         <part id="pe-10_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-10b."/>
-          <link rel="depends-on" href="#pe-10_smt.b"/>
           <p>emergency shutoff switches or devices are placed in <insert type="param" id-ref="pe-10_odp.02"/> to facilitate access for authorized personnel;</p>
+          <link rel="depends-on" href="#pe-10_smt.b"/>
         </part>
         <part id="pe-10_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-10c."/>
-          <link rel="depends-on" href="#pe-10_smt.c"/>
           <p>the emergency power shutoff capability is protected from unauthorized activation.</p>
+          <link rel="depends-on" href="#pe-10_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pe-10_smt"/>
       </part>
       <part id="pe-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42363,8 +42363,8 @@
       </part>
       <part id="pe-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-11"/>
-        <link rel="depends-on" href="#pe-11_smt"/>
         <p>an uninterruptible power supply is provided to facilitate <insert type="param" id-ref="pe-11_odp"/> in the event of a primary power source loss.</p>
+        <link rel="depends-on" href="#pe-11_smt"/>
       </part>
       <part id="pe-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42418,17 +42418,17 @@
         </part>
         <part id="pe-11.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-11(01)"/>
-          <link rel="depends-on" href="#pe-11.1_smt"/>
           <part id="pe-11.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-11(01)[01]"/>
-            <link rel="depends-on" href="#pe-11.1_smt"/>
             <p>an alternate power supply provided for the system is activated <insert type="param" id-ref="pe-11.01_odp"/>;</p>
+            <link rel="depends-on" href="#pe-11.1_smt"/>
           </part>
           <part id="pe-11.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-11(01)[02]"/>
-            <link rel="depends-on" href="#pe-11.1_smt"/>
             <p>the alternate power supply provided for the system can maintain minimally required operational capability in the event of an extended loss of the primary power source.</p>
+            <link rel="depends-on" href="#pe-11.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-11.1_smt"/>
         </part>
         <part id="pe-11.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42503,23 +42503,23 @@
         </part>
         <part id="pe-11.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-11(02)"/>
-          <link rel="depends-on" href="#pe-11.2_smt"/>
           <p>an alternate power supply provided for the system is activated <insert type="param" id-ref="pe-11.02_odp.01"/>;</p>
           <part id="pe-11.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-11(02)(a)"/>
-            <link rel="depends-on" href="#pe-11.2_smt.a"/>
             <p>the alternate power supply provided for the system is self-contained;</p>
+            <link rel="depends-on" href="#pe-11.2_smt.a"/>
           </part>
           <part id="pe-11.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-11(02)(b)"/>
-            <link rel="depends-on" href="#pe-11.2_smt.b"/>
             <p>the alternate power supply provided for the system is not reliant on external power generation;</p>
+            <link rel="depends-on" href="#pe-11.2_smt.b"/>
           </part>
           <part id="pe-11.2_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-11(02)(c)"/>
-            <link rel="depends-on" href="#pe-11.2_smt.c"/>
             <p>the alternate power supply provided for the system is capable of maintaining <insert type="param" id-ref="pe-11.02_odp.02"/> in the event of an extended loss of the primary power source.</p>
+            <link rel="depends-on" href="#pe-11.2_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pe-11.2_smt"/>
         </part>
         <part id="pe-11.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42568,27 +42568,27 @@
       </part>
       <part id="pe-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-12"/>
-        <link rel="depends-on" href="#pe-12_smt"/>
         <part id="pe-12_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-12[01]"/>
-          <link rel="depends-on" href="#pe-12_smt"/>
           <p>automatic emergency lighting that activates in the event of a power outage or disruption is employed for the system;</p>
+          <link rel="depends-on" href="#pe-12_smt"/>
         </part>
         <part id="pe-12_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-12[02]"/>
-          <link rel="depends-on" href="#pe-12_smt"/>
           <p>automatic emergency lighting that activates in the event of a power outage or disruption is maintained for the system;</p>
+          <link rel="depends-on" href="#pe-12_smt"/>
         </part>
         <part id="pe-12_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-12[03]"/>
-          <link rel="depends-on" href="#pe-12_smt"/>
           <p>automatic emergency lighting for the system covers emergency exits within the facility;</p>
+          <link rel="depends-on" href="#pe-12_smt"/>
         </part>
         <part id="pe-12_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-12[04]"/>
-          <link rel="depends-on" href="#pe-12_smt"/>
           <p>automatic emergency lighting for the system covers evacuation routes within the facility.</p>
+          <link rel="depends-on" href="#pe-12_smt"/>
         </part>
+        <link rel="depends-on" href="#pe-12_smt"/>
       </part>
       <part id="pe-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42633,8 +42633,8 @@
         </part>
         <part id="pe-12.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-12(01)"/>
-          <link rel="depends-on" href="#pe-12.1_smt"/>
           <p>emergency lighting is provided for all areas within the facility supporting essential mission and business functions.</p>
+          <link rel="depends-on" href="#pe-12.1_smt"/>
         </part>
         <part id="pe-12.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42682,37 +42682,37 @@
       </part>
       <part id="pe-13_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-13"/>
-        <link rel="depends-on" href="#pe-13_smt"/>
         <part id="pe-13_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13[01]"/>
-          <link rel="depends-on" href="#pe-13_smt"/>
           <p>fire detection systems are employed;</p>
+          <link rel="depends-on" href="#pe-13_smt"/>
         </part>
         <part id="pe-13_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13[02]"/>
-          <link rel="depends-on" href="#pe-13_smt"/>
           <p>employed fire detection systems are supported by an independent energy source;</p>
+          <link rel="depends-on" href="#pe-13_smt"/>
         </part>
         <part id="pe-13_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13[03]"/>
-          <link rel="depends-on" href="#pe-13_smt"/>
           <p>employed fire detection systems are maintained;</p>
+          <link rel="depends-on" href="#pe-13_smt"/>
         </part>
         <part id="pe-13_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13[04]"/>
-          <link rel="depends-on" href="#pe-13_smt"/>
           <p>fire suppression systems are employed;</p>
+          <link rel="depends-on" href="#pe-13_smt"/>
         </part>
         <part id="pe-13_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13[05]"/>
-          <link rel="depends-on" href="#pe-13_smt"/>
           <p>employed fire suppression systems are supported by an independent energy source;</p>
+          <link rel="depends-on" href="#pe-13_smt"/>
         </part>
         <part id="pe-13_obj-6" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13[06]"/>
-          <link rel="depends-on" href="#pe-13_smt"/>
           <p>employed fire suppression systems are maintained.</p>
+          <link rel="depends-on" href="#pe-13_smt"/>
         </part>
+        <link rel="depends-on" href="#pe-13_smt"/>
       </part>
       <part id="pe-13_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42773,22 +42773,22 @@
         </part>
         <part id="pe-13.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13(01)"/>
-          <link rel="depends-on" href="#pe-13.1_smt"/>
           <part id="pe-13.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-13(01)[01]"/>
-            <link rel="depends-on" href="#pe-13.1_smt"/>
             <p>fire detection systems that activate automatically are employed in the event of a fire;</p>
+            <link rel="depends-on" href="#pe-13.1_smt"/>
           </part>
           <part id="pe-13.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-13(01)[02]"/>
-            <link rel="depends-on" href="#pe-13.1_smt"/>
             <p>fire detection systems that notify <insert type="param" id-ref="pe-13.01_odp.01"/> automatically are employed in the event of a fire;</p>
+            <link rel="depends-on" href="#pe-13.1_smt"/>
           </part>
           <part id="pe-13.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-13(01)[03]"/>
-            <link rel="depends-on" href="#pe-13.1_smt"/>
             <p>fire detection systems that notify <insert type="param" id-ref="pe-13.01_odp.02"/> automatically are employed in the event of a fire.</p>
+            <link rel="depends-on" href="#pe-13.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-13.1_smt"/>
         </part>
         <part id="pe-13.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42862,31 +42862,31 @@
         </part>
         <part id="pe-13.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13(02)"/>
-          <link rel="depends-on" href="#pe-13.2_smt"/>
           <part id="pe-13.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-13(02)(a)"/>
-            <link rel="depends-on" href="#pe-13.2_smt.a"/>
             <part id="pe-13.2_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-13(02)(a)[01]"/>
-              <link rel="depends-on" href="#pe-13.2_smt.a"/>
               <p>fire suppression systems that activate automatically are employed;</p>
+              <link rel="depends-on" href="#pe-13.2_smt.a"/>
             </part>
             <part id="pe-13.2_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-13(02)(a)[02]"/>
-              <link rel="depends-on" href="#pe-13.2_smt.a"/>
               <p>fire suppression systems that notify <insert type="param" id-ref="pe-13.02_odp.01"/> automatically are employed;</p>
+              <link rel="depends-on" href="#pe-13.2_smt.a"/>
             </part>
             <part id="pe-13.2_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PE-13(02)(a)[03]"/>
-              <link rel="depends-on" href="#pe-13.2_smt.a"/>
               <p>fire suppression systems that notify <insert type="param" id-ref="pe-13.02_odp.02"/> automatically are employed;</p>
+              <link rel="depends-on" href="#pe-13.2_smt.a"/>
             </part>
+            <link rel="depends-on" href="#pe-13.2_smt.a"/>
           </part>
           <part id="pe-13.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-13(02)(b)"/>
-            <link rel="depends-on" href="#pe-13.2_smt.b"/>
             <p>an automatic fire suppression capability is employed when the facility is not staffed on a continuous basis.</p>
+            <link rel="depends-on" href="#pe-13.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pe-13.2_smt"/>
         </part>
         <part id="pe-13.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -42960,17 +42960,17 @@
         </part>
         <part id="pe-13.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-13(04)"/>
-          <link rel="depends-on" href="#pe-13.4_smt"/>
           <part id="pe-13.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-13(04)[01]"/>
-            <link rel="depends-on" href="#pe-13.4_smt"/>
             <p>the facility undergoes fire protection inspections <insert type="param" id-ref="pe-13.04_odp.01"/> by authorized and qualified inspectors;</p>
+            <link rel="depends-on" href="#pe-13.4_smt"/>
           </part>
           <part id="pe-13.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-13(04)[02]"/>
-            <link rel="depends-on" href="#pe-13.4_smt"/>
             <p>the identified deficiencies from fire protection inspections are resolved within <insert type="param" id-ref="pe-13.04_odp.02"/>.</p>
+            <link rel="depends-on" href="#pe-13.4_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-13.4_smt"/>
         </part>
         <part id="pe-13.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43055,17 +43055,17 @@
       </part>
       <part id="pe-14_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-14"/>
-        <link rel="depends-on" href="#pe-14_smt"/>
         <part id="pe-14_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-14a."/>
-          <link rel="depends-on" href="#pe-14_smt.a"/>
           <p><insert type="param" id-ref="pe-14_odp.01"/> levels are maintained at <insert type="param" id-ref="pe-14_odp.03"/> within the facility where the system resides;</p>
+          <link rel="depends-on" href="#pe-14_smt.a"/>
         </part>
         <part id="pe-14_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-14b."/>
-          <link rel="depends-on" href="#pe-14_smt.b"/>
           <p>environmental control levels are monitored <insert type="param" id-ref="pe-14_odp.04"/>.</p>
+          <link rel="depends-on" href="#pe-14_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pe-14_smt"/>
       </part>
       <part id="pe-14_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43119,8 +43119,8 @@
         </part>
         <part id="pe-14.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-14(01)"/>
-          <link rel="depends-on" href="#pe-14.1_smt"/>
           <p><insert type="param" id-ref="pe-14.01_odp"/> are employed in the facility to prevent fluctuations that are potentially harmful to the system.</p>
+          <link rel="depends-on" href="#pe-14.1_smt"/>
         </part>
         <part id="pe-14.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43175,17 +43175,17 @@
         </part>
         <part id="pe-14.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-14(02)"/>
-          <link rel="depends-on" href="#pe-14.2_smt"/>
           <part id="pe-14.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-14(02)[01]"/>
-            <link rel="depends-on" href="#pe-14.2_smt"/>
             <p>environmental control monitoring is employed;</p>
+            <link rel="depends-on" href="#pe-14.2_smt"/>
           </part>
           <part id="pe-14.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-14(02)[02]"/>
-            <link rel="depends-on" href="#pe-14.2_smt"/>
             <p>the environmental control monitoring capability provides an alarm or notification to <insert type="param" id-ref="pe-14.02_odp"/> when changes are potentially harmful to personnel or equipment.</p>
+            <link rel="depends-on" href="#pe-14.2_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-14.2_smt"/>
         </part>
         <part id="pe-14.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43233,27 +43233,27 @@
       </part>
       <part id="pe-15_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-15"/>
-        <link rel="depends-on" href="#pe-15_smt"/>
         <part id="pe-15_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-15[01]"/>
-          <link rel="depends-on" href="#pe-15_smt"/>
           <p>the system is protected from damage resulting from water leakage by providing master shutoff or isolation valves;</p>
+          <link rel="depends-on" href="#pe-15_smt"/>
         </part>
         <part id="pe-15_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-15[02]"/>
-          <link rel="depends-on" href="#pe-15_smt"/>
           <p>the master shutoff or isolation valves are accessible;</p>
+          <link rel="depends-on" href="#pe-15_smt"/>
         </part>
         <part id="pe-15_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-15[03]"/>
-          <link rel="depends-on" href="#pe-15_smt"/>
           <p>the master shutoff or isolation valves are working properly;</p>
+          <link rel="depends-on" href="#pe-15_smt"/>
         </part>
         <part id="pe-15_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-15[04]"/>
-          <link rel="depends-on" href="#pe-15_smt"/>
           <p>the master shutoff or isolation valves are known to key personnel.</p>
+          <link rel="depends-on" href="#pe-15_smt"/>
         </part>
+        <link rel="depends-on" href="#pe-15_smt"/>
       </part>
       <part id="pe-15_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43316,17 +43316,17 @@
         </part>
         <part id="pe-15.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-15(01)"/>
-          <link rel="depends-on" href="#pe-15.1_smt"/>
           <part id="pe-15.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-15(01)[01]"/>
-            <link rel="depends-on" href="#pe-15.1_smt"/>
             <p>the presence of water near the system can be detected automatically;</p>
+            <link rel="depends-on" href="#pe-15.1_smt"/>
           </part>
           <part id="pe-15.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-15(01)[02]"/>
-            <link rel="depends-on" href="#pe-15.1_smt"/>
             <p><insert type="param" id-ref="pe-15.01_odp.01"/> is/are alerted using <insert type="param" id-ref="pe-15.01_odp.02"/>.</p>
+            <link rel="depends-on" href="#pe-15.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-15.1_smt"/>
         </part>
         <part id="pe-15.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43409,36 +43409,36 @@
       </part>
       <part id="pe-16_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-16"/>
-        <link rel="depends-on" href="#pe-16_smt"/>
         <part id="pe-16_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-16a."/>
-          <link rel="depends-on" href="#pe-16_smt.a"/>
           <part id="pe-16_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-16a.[01]"/>
-            <link rel="depends-on" href="#pe-16_smt.a"/>
             <p><insert type="param" id-ref="pe-16_odp.01"/> are authorized when entering the facility;</p>
+            <link rel="depends-on" href="#pe-16_smt.a"/>
           </part>
           <part id="pe-16_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-16a.[02]"/>
-            <link rel="depends-on" href="#pe-16_smt.a"/>
             <p><insert type="param" id-ref="pe-16_odp.01"/> are controlled when entering the facility;</p>
+            <link rel="depends-on" href="#pe-16_smt.a"/>
           </part>
           <part id="pe-16_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-16a.[03]"/>
-            <link rel="depends-on" href="#pe-16_smt.a"/>
             <p><insert type="param" id-ref="pe-16_odp.02"/> are authorized when exiting the facility;</p>
+            <link rel="depends-on" href="#pe-16_smt.a"/>
           </part>
           <part id="pe-16_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-16a.[04]"/>
-            <link rel="depends-on" href="#pe-16_smt.a"/>
             <p><insert type="param" id-ref="pe-16_odp.02"/> are controlled when exiting the facility;</p>
+            <link rel="depends-on" href="#pe-16_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pe-16_smt.a"/>
         </part>
         <part id="pe-16_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-16b."/>
-          <link rel="depends-on" href="#pe-16_smt.b"/>
           <p>records of the system components are maintained.</p>
+          <link rel="depends-on" href="#pe-16_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pe-16_smt"/>
       </part>
       <part id="pe-16_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43518,27 +43518,27 @@
       </part>
       <part id="pe-17_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-17"/>
-        <link rel="depends-on" href="#pe-17_smt"/>
         <part id="pe-17_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-17a."/>
-          <link rel="depends-on" href="#pe-17_smt.a"/>
           <p><insert type="param" id-ref="pe-17_odp.01"/> are determined and documented;</p>
+          <link rel="depends-on" href="#pe-17_smt.a"/>
         </part>
         <part id="pe-17_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-17b."/>
-          <link rel="depends-on" href="#pe-17_smt.b"/>
           <p><insert type="param" id-ref="pe-17_odp.02"/> are employed at alternate work sites;</p>
+          <link rel="depends-on" href="#pe-17_smt.b"/>
         </part>
         <part id="pe-17_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-17c."/>
-          <link rel="depends-on" href="#pe-17_smt.c"/>
           <p>the effectiveness of controls at alternate work sites is assessed;</p>
+          <link rel="depends-on" href="#pe-17_smt.c"/>
         </part>
         <part id="pe-17_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-17d."/>
-          <link rel="depends-on" href="#pe-17_smt.d"/>
           <p>a means for employees to communicate with information security and privacy personnel in case of incidents is provided.</p>
+          <link rel="depends-on" href="#pe-17_smt.d"/>
         </part>
+        <link rel="depends-on" href="#pe-17_smt"/>
       </part>
       <part id="pe-17_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43601,8 +43601,8 @@
       </part>
       <part id="pe-18_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-18"/>
-        <link rel="depends-on" href="#pe-18_smt"/>
         <p>system components are positioned within the facility to minimize potential damage from <insert type="param" id-ref="pe-18_odp"/> and to minimize the opportunity for unauthorized access.</p>
+        <link rel="depends-on" href="#pe-18_smt"/>
       </part>
       <part id="pe-18_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43659,8 +43659,8 @@
       </part>
       <part id="pe-19_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-19"/>
-        <link rel="depends-on" href="#pe-19_smt"/>
         <p>the system is protected from information leakage due to electromagnetic signal emanations.</p>
+        <link rel="depends-on" href="#pe-19_smt"/>
       </part>
       <part id="pe-19_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43705,22 +43705,22 @@
         </part>
         <part id="pe-19.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-19(01)"/>
-          <link rel="depends-on" href="#pe-19.1_smt"/>
           <part id="pe-19.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-19(01)[01]"/>
-            <link rel="depends-on" href="#pe-19.1_smt"/>
             <p>system components are protected in accordance with national emissions security policies and procedures based on the security category or classification of the information;</p>
+            <link rel="depends-on" href="#pe-19.1_smt"/>
           </part>
           <part id="pe-19.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-19(01)[02]"/>
-            <link rel="depends-on" href="#pe-19.1_smt"/>
             <p>associated data communications are protected in accordance with national emissions security policies and procedures based on the security category or classification of the information;</p>
+            <link rel="depends-on" href="#pe-19.1_smt"/>
           </part>
           <part id="pe-19.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PE-19(01)[03]"/>
-            <link rel="depends-on" href="#pe-19.1_smt"/>
             <p>networks are protected in accordance with national emissions security policies and procedures based on the security category or classification of the information.</p>
+            <link rel="depends-on" href="#pe-19.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pe-19.1_smt"/>
         </part>
         <part id="pe-19.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43791,8 +43791,8 @@
       </part>
       <part id="pe-20_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-20"/>
-        <link rel="depends-on" href="#pe-20_smt"/>
         <p><insert type="param" id-ref="pe-20_odp.01"/> are employed to track and monitor the location and movement of <insert type="param" id-ref="pe-20_odp.02"/> within <insert type="param" id-ref="pe-20_odp.03"/>.</p>
+        <link rel="depends-on" href="#pe-20_smt"/>
       </part>
       <part id="pe-20_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43860,8 +43860,8 @@
       </part>
       <part id="pe-21_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-21"/>
-        <link rel="depends-on" href="#pe-21_smt"/>
         <p><insert type="param" id-ref="pe-21_odp.01"/> are employed against electromagnetic pulse damage for <insert type="param" id-ref="pe-21_odp.02"/>.</p>
+        <link rel="depends-on" href="#pe-21_smt"/>
       </part>
       <part id="pe-21_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43919,8 +43919,8 @@
       </part>
       <part id="pe-22_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-22"/>
-        <link rel="depends-on" href="#pe-22_smt"/>
         <p><insert type="param" id-ref="pe-22_odp"/> are marked indicating the impact level or classification level of the information permitted to be processed, stored, or transmitted by the hardware component.</p>
+        <link rel="depends-on" href="#pe-22_smt"/>
       </part>
       <part id="pe-22_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -43981,17 +43981,17 @@
       </part>
       <part id="pe-23_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PE-23"/>
-        <link rel="depends-on" href="#pe-23_smt"/>
         <part id="pe-23_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-23a."/>
-          <link rel="depends-on" href="#pe-23_smt.a"/>
           <p>the location or site of the facility where the system resides is planned considering physical and environmental hazards;</p>
+          <link rel="depends-on" href="#pe-23_smt.a"/>
         </part>
         <part id="pe-23_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PE-23b."/>
-          <link rel="depends-on" href="#pe-23_smt.b"/>
           <p>for existing facilities, physical and environmental hazards are considered in the organizational risk management strategy.</p>
+          <link rel="depends-on" href="#pe-23_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pe-23_smt"/>
       </part>
       <part id="pe-23_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -44153,116 +44153,116 @@
       </part>
       <part id="pl-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-01"/>
-        <link rel="depends-on" href="#pl-1_smt"/>
         <part id="pl-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-01a."/>
-          <link rel="depends-on" href="#pl-1_smt.a"/>
           <part id="pl-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-01a.[01]"/>
-            <link rel="depends-on" href="#pl-1_smt.a"/>
             <p>a planning policy is developed and documented.</p>
+            <link rel="depends-on" href="#pl-1_smt.a"/>
           </part>
           <part id="pl-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-01a.[02]"/>
-            <link rel="depends-on" href="#pl-1_smt.a"/>
             <p>the planning policy is disseminated to <insert type="param" id-ref="pl-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#pl-1_smt.a"/>
           </part>
           <part id="pl-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-01a.[03]"/>
-            <link rel="depends-on" href="#pl-1_smt.a"/>
             <p>planning procedures to facilitate the implementation of the planning policy and associated planning controls are developed and documented;</p>
+            <link rel="depends-on" href="#pl-1_smt.a"/>
           </part>
           <part id="pl-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-01a.[04]"/>
-            <link rel="depends-on" href="#pl-1_smt.a"/>
             <p>the planning procedures are disseminated to <insert type="param" id-ref="pl-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#pl-1_smt.a"/>
           </part>
           <part id="pl-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-01a.01"/>
-            <link rel="depends-on" href="#pl-1_smt.a.1"/>
             <part id="pl-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-01a.01(a)"/>
-              <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               <part id="pl-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PL-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy addresses purpose;</p>
+                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               </part>
               <part id="pl-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PL-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy addresses scope;</p>
+                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               </part>
               <part id="pl-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PL-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy addresses roles;</p>
+                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               </part>
               <part id="pl-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PL-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               </part>
               <part id="pl-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PL-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy addresses management commitment;</p>
+                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               </part>
               <part id="pl-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PL-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               </part>
               <part id="pl-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PL-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy addresses compliance;</p>
+                <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#pl-1_smt.a.1.a"/>
             </part>
             <part id="pl-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-01a.01(b)"/>
-              <link rel="depends-on" href="#pl-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="pl-01_odp.03"/> planning policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#pl-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#pl-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#pl-1_smt.a"/>
         </part>
         <part id="pl-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-01b."/>
-          <link rel="depends-on" href="#pl-1_smt.b"/>
           <p>the <insert type="param" id-ref="pl-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the planning policy and procedures;</p>
+          <link rel="depends-on" href="#pl-1_smt.b"/>
         </part>
         <part id="pl-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-01c."/>
-          <link rel="depends-on" href="#pl-1_smt.c"/>
           <part id="pl-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-01c.01"/>
-            <link rel="depends-on" href="#pl-1_smt.c.1"/>
             <part id="pl-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-01c.01[01]"/>
-              <link rel="depends-on" href="#pl-1_smt.c.1"/>
               <p>the current planning policy is reviewed and updated <insert type="param" id-ref="pl-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#pl-1_smt.c.1"/>
             </part>
             <part id="pl-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-01c.01[02]"/>
-              <link rel="depends-on" href="#pl-1_smt.c.1"/>
               <p>the current planning policy is reviewed and updated following <insert type="param" id-ref="pl-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#pl-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#pl-1_smt.c.1"/>
           </part>
           <part id="pl-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-01c.02"/>
-            <link rel="depends-on" href="#pl-1_smt.c.2"/>
             <part id="pl-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-01c.02[01]"/>
-              <link rel="depends-on" href="#pl-1_smt.c.2"/>
               <p>the current planning procedures are reviewed and updated <insert type="param" id-ref="pl-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#pl-1_smt.c.2"/>
             </part>
             <part id="pl-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-01c.02[02]"/>
-              <link rel="depends-on" href="#pl-1_smt.c.2"/>
               <p>the current planning procedures are reviewed and updated following <insert type="param" id-ref="pl-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#pl-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#pl-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#pl-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pl-1_smt"/>
       </part>
       <part id="pl-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -44446,273 +44446,273 @@
       </part>
       <part id="pl-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-02"/>
-        <link rel="depends-on" href="#pl-2_smt"/>
         <part id="pl-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-02a."/>
-          <link rel="depends-on" href="#pl-2_smt.a"/>
           <part id="pl-2_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.01"/>
-            <link rel="depends-on" href="#pl-2_smt.a.1"/>
             <part id="pl-2_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.01[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.1"/>
               <p>a security plan for the system is developed that is consistent with the organization’s enterprise architecture;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.1"/>
             </part>
             <part id="pl-2_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.01[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.1"/>
               <p>a privacy plan for the system is developed that is consistent with the organization’s enterprise architecture;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.1"/>
           </part>
           <part id="pl-2_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.02"/>
-            <link rel="depends-on" href="#pl-2_smt.a.2"/>
             <part id="pl-2_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.02[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.2"/>
               <p>a security plan for the system is developed that explicitly defines the constituent system components;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.2"/>
             </part>
             <part id="pl-2_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.02[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.2"/>
               <p>a privacy plan for the system is developed that explicitly defines the constituent system components;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.2"/>
           </part>
           <part id="pl-2_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.03"/>
-            <link rel="depends-on" href="#pl-2_smt.a.3"/>
             <part id="pl-2_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.03[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.3"/>
               <p>a security plan for the system is developed that describes the operational context of the system in terms of mission and business processes;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.3"/>
             </part>
             <part id="pl-2_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.03[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.3"/>
               <p>a privacy plan for the system is developed that describes the operational context of the system in terms of mission and business processes;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.3"/>
           </part>
           <part id="pl-2_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.04"/>
-            <link rel="depends-on" href="#pl-2_smt.a.4"/>
             <part id="pl-2_obj.a.4-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.04[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.4"/>
               <p>a security plan for the system is developed that identifies the individuals that fulfill system roles and responsibilities;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.4"/>
             </part>
             <part id="pl-2_obj.a.4-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.04[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.4"/>
               <p>a privacy plan for the system is developed that identifies the individuals that fulfill system roles and responsibilities;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.4"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.4"/>
           </part>
           <part id="pl-2_obj.a.5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.05"/>
-            <link rel="depends-on" href="#pl-2_smt.a.5"/>
             <part id="pl-2_obj.a.5-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.05[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.5"/>
               <p>a security plan for the system is developed that identifies the information types processed, stored, and transmitted by the system;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.5"/>
             </part>
             <part id="pl-2_obj.a.5-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.05[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.5"/>
               <p>a privacy plan for the system is developed that identifies the information types processed, stored, and transmitted by the system;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.5"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.5"/>
           </part>
           <part id="pl-2_obj.a.6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.06"/>
-            <link rel="depends-on" href="#pl-2_smt.a.6"/>
             <part id="pl-2_obj.a.6-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.06[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.6"/>
               <p>a security plan for the system is developed that provides the security categorization of the system, including supporting rationale;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.6"/>
             </part>
             <part id="pl-2_obj.a.6-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.06[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.6"/>
               <p>a privacy plan for the system is developed that provides the security categorization of the system, including supporting rationale;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.6"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.6"/>
           </part>
           <part id="pl-2_obj.a.7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.07"/>
-            <link rel="depends-on" href="#pl-2_smt.a.7"/>
             <part id="pl-2_obj.a.7-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.07[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.7"/>
               <p>a security plan for the system is developed that describes any specific threats to the system that are of concern to the organization;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.7"/>
             </part>
             <part id="pl-2_obj.a.7-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.07[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.7"/>
               <p>a privacy plan for the system is developed that describes any specific threats to the system that are of concern to the organization;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.7"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.7"/>
           </part>
           <part id="pl-2_obj.a.8" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.08"/>
-            <link rel="depends-on" href="#pl-2_smt.a.8"/>
             <part id="pl-2_obj.a.8-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.08[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.8"/>
               <p>a security plan for the system is developed that provides the results of a privacy risk assessment for systems processing personally identifiable information;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.8"/>
             </part>
             <part id="pl-2_obj.a.8-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.08[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.8"/>
               <p>a privacy plan for the system is developed that provides the results of a privacy risk assessment for systems processing personally identifiable information;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.8"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.8"/>
           </part>
           <part id="pl-2_obj.a.9" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.09"/>
-            <link rel="depends-on" href="#pl-2_smt.a.9"/>
             <part id="pl-2_obj.a.9-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.09[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.9"/>
               <p>a security plan for the system is developed that describes the operational environment for the system and any dependencies on or connections to other systems or system components;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.9"/>
             </part>
             <part id="pl-2_obj.a.9-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.09[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.9"/>
               <p>a privacy plan for the system is developed that describes the operational environment for the system and any dependencies on or connections to other systems or system components;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.9"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.9"/>
           </part>
           <part id="pl-2_obj.a.10" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.10"/>
-            <link rel="depends-on" href="#pl-2_smt.a.10"/>
             <part id="pl-2_obj.a.10-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.10[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.10"/>
               <p>a security plan for the system is developed that provides an overview of the security requirements for the system;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.10"/>
             </part>
             <part id="pl-2_obj.a.10-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.10[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.10"/>
               <p>a privacy plan for the system is developed that provides an overview of the privacy requirements for the system;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.10"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.10"/>
           </part>
           <part id="pl-2_obj.a.11" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.11"/>
-            <link rel="depends-on" href="#pl-2_smt.a.11"/>
             <part id="pl-2_obj.a.11-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.11[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.11"/>
               <p>a security plan for the system is developed that identifies any relevant control baselines or overlays, if applicable;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.11"/>
             </part>
             <part id="pl-2_obj.a.11-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.11[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.11"/>
               <p>a privacy plan for the system is developed that identifies any relevant control baselines or overlays, if applicable;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.11"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.11"/>
           </part>
           <part id="pl-2_obj.a.12" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.12"/>
-            <link rel="depends-on" href="#pl-2_smt.a.12"/>
             <part id="pl-2_obj.a.12-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.12[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.12"/>
               <p>a security plan for the system is developed that describes the controls in place or planned for meeting the security requirements, including rationale for any tailoring decisions;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.12"/>
             </part>
             <part id="pl-2_obj.a.12-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.12[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.12"/>
               <p>a privacy plan for the system is developed that describes the controls in place or planned for meeting the privacy requirements, including rationale for any tailoring decisions;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.12"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.12"/>
           </part>
           <part id="pl-2_obj.a.13" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.13"/>
-            <link rel="depends-on" href="#pl-2_smt.a.13"/>
             <part id="pl-2_obj.a.13-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.13[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.13"/>
               <p>a security plan for the system is developed that includes risk determinations for security architecture and design decisions;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.13"/>
             </part>
             <part id="pl-2_obj.a.13-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.13[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.13"/>
               <p>a privacy plan for the system is developed that includes risk determinations for privacy architecture and design decisions;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.13"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.13"/>
           </part>
           <part id="pl-2_obj.a.14" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.14"/>
-            <link rel="depends-on" href="#pl-2_smt.a.14"/>
             <part id="pl-2_obj.a.14-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.14[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.14"/>
               <p>a security plan for the system is developed that includes security-related activities affecting the system that require planning and coordination with <insert type="param" id-ref="pl-02_odp.01"/>;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.14"/>
             </part>
             <part id="pl-2_obj.a.14-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.14[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.14"/>
               <p>a privacy plan for the system is developed that includes privacy-related activities affecting the system that require planning and coordination with <insert type="param" id-ref="pl-02_odp.01"/>;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.14"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.14"/>
           </part>
           <part id="pl-2_obj.a.15" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02a.15"/>
-            <link rel="depends-on" href="#pl-2_smt.a.15"/>
             <part id="pl-2_obj.a.15-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.15[01]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.15"/>
               <p>a security plan for the system is developed that is reviewed and approved by the authorizing official or designated representative prior to plan implementation;</p>
+              <link rel="depends-on" href="#pl-2_smt.a.15"/>
             </part>
             <part id="pl-2_obj.a.15-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-02a.15[02]"/>
-              <link rel="depends-on" href="#pl-2_smt.a.15"/>
               <p>a privacy plan for the system is developed that is reviewed and approved by the authorizing official or designated representative prior to plan implementation.</p>
+              <link rel="depends-on" href="#pl-2_smt.a.15"/>
             </part>
+            <link rel="depends-on" href="#pl-2_smt.a.15"/>
           </part>
+          <link rel="depends-on" href="#pl-2_smt.a"/>
         </part>
         <part id="pl-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-02b."/>
-          <link rel="depends-on" href="#pl-2_smt.b"/>
           <part id="pl-2_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02b.[01]"/>
-            <link rel="depends-on" href="#pl-2_smt.b"/>
             <p>copies of the plans are distributed to <insert type="param" id-ref="pl-02_odp.02"/>;</p>
+            <link rel="depends-on" href="#pl-2_smt.b"/>
           </part>
           <part id="pl-2_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02b.[02]"/>
-            <link rel="depends-on" href="#pl-2_smt.b"/>
             <p>subsequent changes to the plans are communicated to <insert type="param" id-ref="pl-02_odp.02"/>;</p>
+            <link rel="depends-on" href="#pl-2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pl-2_smt.b"/>
         </part>
         <part id="pl-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-02c."/>
-          <link rel="depends-on" href="#pl-2_smt.c"/>
           <p>plans are reviewed <insert type="param" id-ref="pl-02_odp.03"/>;</p>
+          <link rel="depends-on" href="#pl-2_smt.c"/>
         </part>
         <part id="pl-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-02d."/>
-          <link rel="depends-on" href="#pl-2_smt.d"/>
           <part id="pl-2_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02d.[01]"/>
-            <link rel="depends-on" href="#pl-2_smt.d"/>
             <p>plans are updated to address changes to the system and environment of operations;</p>
+            <link rel="depends-on" href="#pl-2_smt.d"/>
           </part>
           <part id="pl-2_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02d.[02]"/>
-            <link rel="depends-on" href="#pl-2_smt.d"/>
             <p>plans are updated to address problems identified during the plan implementation;</p>
+            <link rel="depends-on" href="#pl-2_smt.d"/>
           </part>
           <part id="pl-2_obj.d-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02d.[03]"/>
-            <link rel="depends-on" href="#pl-2_smt.d"/>
             <p>plans are updated to address problems identified during control assessments;</p>
+            <link rel="depends-on" href="#pl-2_smt.d"/>
           </part>
+          <link rel="depends-on" href="#pl-2_smt.d"/>
         </part>
         <part id="pl-2_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-02e."/>
-          <link rel="depends-on" href="#pl-2_smt.e"/>
           <part id="pl-2_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02e.[01]"/>
-            <link rel="depends-on" href="#pl-2_smt.e"/>
             <p>plans are protected from unauthorized disclosure;</p>
+            <link rel="depends-on" href="#pl-2_smt.e"/>
           </part>
           <part id="pl-2_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-02e.[02]"/>
-            <link rel="depends-on" href="#pl-2_smt.e"/>
             <p>plans are protected from unauthorized modification.</p>
+            <link rel="depends-on" href="#pl-2_smt.e"/>
           </part>
+          <link rel="depends-on" href="#pl-2_smt.e"/>
         </part>
+        <link rel="depends-on" href="#pl-2_smt"/>
       </part>
       <part id="pl-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -44857,36 +44857,36 @@
       </part>
       <part id="pl-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-04"/>
-        <link rel="depends-on" href="#pl-4_smt"/>
         <part id="pl-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-04a."/>
-          <link rel="depends-on" href="#pl-4_smt.a"/>
           <part id="pl-4_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-04a.[01]"/>
-            <link rel="depends-on" href="#pl-4_smt.a"/>
             <p>rules that describe responsibilities and expected behavior for information and system usage, security, and privacy are established for individuals requiring access to the system;</p>
+            <link rel="depends-on" href="#pl-4_smt.a"/>
           </part>
           <part id="pl-4_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-04a.[02]"/>
-            <link rel="depends-on" href="#pl-4_smt.a"/>
             <p>rules that describe responsibilities and expected behavior for information and system usage, security, and privacy are provided to individuals requiring access to the system;</p>
+            <link rel="depends-on" href="#pl-4_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pl-4_smt.a"/>
         </part>
         <part id="pl-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-04b."/>
-          <link rel="depends-on" href="#pl-4_smt.b"/>
           <p>before authorizing access to information and the system, a documented acknowledgement from such individuals indicating that they have read, understand, and agree to abide by the rules of behavior is received;</p>
+          <link rel="depends-on" href="#pl-4_smt.b"/>
         </part>
         <part id="pl-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-04c."/>
-          <link rel="depends-on" href="#pl-4_smt.c"/>
           <p>rules of behavior are reviewed and updated <insert type="param" id-ref="pl-04_odp.01"/>;</p>
+          <link rel="depends-on" href="#pl-4_smt.c"/>
         </part>
         <part id="pl-4_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-04d."/>
-          <link rel="depends-on" href="#pl-4_smt.d"/>
           <p>individuals who have acknowledged a previous version of the rules of behavior are required to read and reacknowledge <insert type="param" id-ref="pl-04_odp.02"/>.</p>
+          <link rel="depends-on" href="#pl-4_smt.d"/>
         </part>
+        <link rel="depends-on" href="#pl-4_smt"/>
       </part>
       <part id="pl-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -44948,22 +44948,22 @@
         </part>
         <part id="pl-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-04(01)"/>
-          <link rel="depends-on" href="#pl-4.1_smt"/>
           <part id="pl-4.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-04(01)(a)"/>
-            <link rel="depends-on" href="#pl-4.1_smt.a"/>
             <p>the rules of behavior include restrictions on the use of social media, social networking sites, and external sites/applications;</p>
+            <link rel="depends-on" href="#pl-4.1_smt.a"/>
           </part>
           <part id="pl-4.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-04(01)(b)"/>
-            <link rel="depends-on" href="#pl-4.1_smt.b"/>
             <p>the rules of behavior include restrictions on posting organizational information on public websites;</p>
+            <link rel="depends-on" href="#pl-4.1_smt.b"/>
           </part>
           <part id="pl-4.1_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-04(01)(c)"/>
-            <link rel="depends-on" href="#pl-4.1_smt.c"/>
             <p>the rules of behavior include restrictions on the use of organization-provided identifiers (e.g., email addresses) and authentication secrets (e.g., passwords) for creating accounts on external sites/applications.</p>
+            <link rel="depends-on" href="#pl-4.1_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pl-4.1_smt"/>
         </part>
         <part id="pl-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45045,17 +45045,17 @@
       </part>
       <part id="pl-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-07"/>
-        <link rel="depends-on" href="#pl-7_smt"/>
         <part id="pl-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-07a."/>
-          <link rel="depends-on" href="#pl-7_smt.a"/>
           <p>a CONOPS for the system describing how the organization intends to operate the system from the perspective of information security and privacy is developed;</p>
+          <link rel="depends-on" href="#pl-7_smt.a"/>
         </part>
         <part id="pl-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-07b."/>
-          <link rel="depends-on" href="#pl-7_smt.b"/>
           <p>the CONOPS is reviewed and updated <insert type="param" id-ref="pl-07_odp"/>.</p>
+          <link rel="depends-on" href="#pl-7_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pl-7_smt"/>
       </part>
       <part id="pl-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45157,88 +45157,88 @@
       </part>
       <part id="pl-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-08"/>
-        <link rel="depends-on" href="#pl-8_smt"/>
         <part id="pl-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-08a."/>
-          <link rel="depends-on" href="#pl-8_smt.a"/>
           <part id="pl-8_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08a.01"/>
-            <link rel="depends-on" href="#pl-8_smt.a.1"/>
             <p>a security architecture for the system describes the requirements and approach to be taken for protecting the confidentiality, integrity, and availability of organizational information;</p>
+            <link rel="depends-on" href="#pl-8_smt.a.1"/>
           </part>
           <part id="pl-8_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08a.02"/>
-            <link rel="depends-on" href="#pl-8_smt.a.2"/>
             <p>a privacy architecture describes the requirements and approach to be taken for processing personally identifiable information to minimize privacy risk to individuals;</p>
+            <link rel="depends-on" href="#pl-8_smt.a.2"/>
           </part>
           <part id="pl-8_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08a.03"/>
-            <link rel="depends-on" href="#pl-8_smt.a.3"/>
             <part id="pl-8_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08a.03[01]"/>
-              <link rel="depends-on" href="#pl-8_smt.a.3"/>
               <p>a security architecture for the system describes how the architecture is integrated into and supports the enterprise architecture;</p>
+              <link rel="depends-on" href="#pl-8_smt.a.3"/>
             </part>
             <part id="pl-8_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08a.03[02]"/>
-              <link rel="depends-on" href="#pl-8_smt.a.3"/>
               <p>a privacy architecture for the system describes how the architecture is integrated into and supports the enterprise architecture;</p>
+              <link rel="depends-on" href="#pl-8_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#pl-8_smt.a.3"/>
           </part>
           <part id="pl-8_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08a.04"/>
-            <link rel="depends-on" href="#pl-8_smt.a.4"/>
             <part id="pl-8_obj.a.4-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08a.04[01]"/>
-              <link rel="depends-on" href="#pl-8_smt.a.4"/>
               <p>a security architecture for the system describes any assumptions about and dependencies on external systems and services;</p>
+              <link rel="depends-on" href="#pl-8_smt.a.4"/>
             </part>
             <part id="pl-8_obj.a.4-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08a.04[02]"/>
-              <link rel="depends-on" href="#pl-8_smt.a.4"/>
               <p>a privacy architecture for the system describes any assumptions about and dependencies on external systems and services;</p>
+              <link rel="depends-on" href="#pl-8_smt.a.4"/>
             </part>
+            <link rel="depends-on" href="#pl-8_smt.a.4"/>
           </part>
+          <link rel="depends-on" href="#pl-8_smt.a"/>
         </part>
         <part id="pl-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-08b."/>
-          <link rel="depends-on" href="#pl-8_smt.b"/>
           <p>changes in the enterprise architecture are reviewed and updated <insert type="param" id-ref="pl-08_odp"/> to reflect changes in the enterprise architecture;</p>
+          <link rel="depends-on" href="#pl-8_smt.b"/>
         </part>
         <part id="pl-8_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-08c."/>
-          <link rel="depends-on" href="#pl-8_smt.c"/>
           <part id="pl-8_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08c.[01]"/>
-            <link rel="depends-on" href="#pl-8_smt.c"/>
             <p>planned architecture changes are reflected in the security plan;</p>
+            <link rel="depends-on" href="#pl-8_smt.c"/>
           </part>
           <part id="pl-8_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08c.[02]"/>
-            <link rel="depends-on" href="#pl-8_smt.c"/>
             <p>planned architecture changes are reflected in the privacy plan;</p>
+            <link rel="depends-on" href="#pl-8_smt.c"/>
           </part>
           <part id="pl-8_obj.c-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08c.[03]"/>
-            <link rel="depends-on" href="#pl-8_smt.c"/>
             <p>planned architecture changes are reflected in the Concept of Operations (CONOPS);</p>
+            <link rel="depends-on" href="#pl-8_smt.c"/>
           </part>
           <part id="pl-8_obj.c-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08c.[04]"/>
-            <link rel="depends-on" href="#pl-8_smt.c"/>
             <p>planned architecture changes are reflected in criticality analysis;</p>
+            <link rel="depends-on" href="#pl-8_smt.c"/>
           </part>
           <part id="pl-8_obj.c-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08c.[05]"/>
-            <link rel="depends-on" href="#pl-8_smt.c"/>
             <p>planned architecture changes are reflected in organizational procedures;</p>
+            <link rel="depends-on" href="#pl-8_smt.c"/>
           </part>
           <part id="pl-8_obj.c-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08c.[06]"/>
-            <link rel="depends-on" href="#pl-8_smt.c"/>
             <p>planned architecture changes are reflected in procurements and acquisitions.</p>
+            <link rel="depends-on" href="#pl-8_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pl-8_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pl-8_smt"/>
       </part>
       <part id="pl-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45317,35 +45317,35 @@
         </part>
         <part id="pl-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-08(01)"/>
-          <link rel="depends-on" href="#pl-8.1_smt"/>
           <part id="pl-8.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08(01)(a)"/>
-            <link rel="depends-on" href="#pl-8.1_smt.a"/>
             <part id="pl-8.1_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08(01)(a)[01]"/>
-              <link rel="depends-on" href="#pl-8.1_smt.a"/>
               <p>the security architecture for the system is designed using a defense-in-depth approach that allocates <insert type="param" id-ref="pl-08.01_odp.01"/> to <insert type="param" id-ref="pl-08.01_odp.02"/>;</p>
+              <link rel="depends-on" href="#pl-8.1_smt.a"/>
             </part>
             <part id="pl-8.1_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08(01)(a)[02]"/>
-              <link rel="depends-on" href="#pl-8.1_smt.a"/>
               <p>the privacy architecture for the system is designed using a defense-in-depth approach that allocates <insert type="param" id-ref="pl-08.01_odp.01"/> to <insert type="param" id-ref="pl-08.01_odp.02"/>;</p>
+              <link rel="depends-on" href="#pl-8.1_smt.a"/>
             </part>
+            <link rel="depends-on" href="#pl-8.1_smt.a"/>
           </part>
           <part id="pl-8.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PL-08(01)(b)"/>
-            <link rel="depends-on" href="#pl-8.1_smt.b"/>
             <part id="pl-8.1_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08(01)(b)[01]"/>
-              <link rel="depends-on" href="#pl-8.1_smt.b"/>
               <p>the security architecture for the system is designed using a defense-in-depth approach that ensures the allocated controls operate in a coordinated and mutually reinforcing manner;</p>
+              <link rel="depends-on" href="#pl-8.1_smt.b"/>
             </part>
             <part id="pl-8.1_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PL-08(01)(b)[02]"/>
-              <link rel="depends-on" href="#pl-8.1_smt.b"/>
               <p>the privacy architecture for the system is designed using a defense-in-depth approach that ensures the allocated controls operate in a coordinated and mutually reinforcing manner.</p>
+              <link rel="depends-on" href="#pl-8.1_smt.b"/>
             </part>
+            <link rel="depends-on" href="#pl-8.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pl-8.1_smt"/>
         </part>
         <part id="pl-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45413,8 +45413,8 @@
         </part>
         <part id="pl-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PL-08(02)"/>
-          <link rel="depends-on" href="#pl-8.2_smt"/>
           <p><insert type="param" id-ref="pl-08.02_odp.01"/> that are allocated to <insert type="param" id-ref="pl-08.02_odp.02"/> are required to be obtained from different suppliers.</p>
+          <link rel="depends-on" href="#pl-8.2_smt"/>
         </part>
         <part id="pl-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45479,8 +45479,8 @@
       </part>
       <part id="pl-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-09"/>
-        <link rel="depends-on" href="#pl-9_smt"/>
         <p><insert type="param" id-ref="pl-09_odp"/> are centrally managed.</p>
+        <link rel="depends-on" href="#pl-9_smt"/>
       </part>
       <part id="pl-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45540,8 +45540,8 @@
       </part>
       <part id="pl-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-10"/>
-        <link rel="depends-on" href="#pl-10_smt"/>
         <p>a control baseline for the system is selected.</p>
+        <link rel="depends-on" href="#pl-10_smt"/>
       </part>
       <part id="pl-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45607,8 +45607,8 @@
       </part>
       <part id="pl-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PL-11"/>
-        <link rel="depends-on" href="#pl-11_smt"/>
         <p>the selected control baseline is tailored by applying specified tailoring actions.</p>
+        <link rel="depends-on" href="#pl-11_smt"/>
       </part>
       <part id="pl-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45723,107 +45723,107 @@
       </part>
       <part id="pm-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-01"/>
-        <link rel="depends-on" href="#pm-1_smt"/>
         <part id="pm-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-01a."/>
-          <link rel="depends-on" href="#pm-1_smt.a"/>
           <part id="pm-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01a.[01]"/>
-            <link rel="depends-on" href="#pm-1_smt.a"/>
             <p>an organization-wide information security program plan is developed;</p>
+            <link rel="depends-on" href="#pm-1_smt.a"/>
           </part>
           <part id="pm-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01a.[02]"/>
-            <link rel="depends-on" href="#pm-1_smt.a"/>
             <p>the information security program plan is disseminated;</p>
+            <link rel="depends-on" href="#pm-1_smt.a"/>
           </part>
           <part id="pm-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01a.01"/>
-            <link rel="depends-on" href="#pm-1_smt.a.1"/>
             <part id="pm-1_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.01[01]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.1"/>
               <p>the information security program plan provides an overview of the requirements for the security program;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.1"/>
             </part>
             <part id="pm-1_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.01[02]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.1"/>
               <p>the information security program plan provides a description of the security program management controls in place or planned for meeting those requirements;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.1"/>
             </part>
             <part id="pm-1_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.01[03]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.1"/>
               <p>the information security program plan provides a description of the common controls in place or planned for meeting those requirements;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#pm-1_smt.a.1"/>
           </part>
           <part id="pm-1_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01a.02"/>
-            <link rel="depends-on" href="#pm-1_smt.a.2"/>
             <part id="pm-1_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.02[01]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.2"/>
               <p>the information security program plan includes the identification and assignment of roles;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.2"/>
             </part>
             <part id="pm-1_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.02[02]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.2"/>
               <p>the information security program plan includes the identification and assignment of responsibilities;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.2"/>
             </part>
             <part id="pm-1_obj.a.2-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.02[03]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.2"/>
               <p>the information security program plan addresses management commitment;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.2"/>
             </part>
             <part id="pm-1_obj.a.2-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.02[04]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.2"/>
               <p>the information security program plan addresses coordination among organizational entities;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.2"/>
             </part>
             <part id="pm-1_obj.a.2-5" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-01a.02[05]"/>
-              <link rel="depends-on" href="#pm-1_smt.a.2"/>
               <p>the information security program plan addresses compliance;</p>
+              <link rel="depends-on" href="#pm-1_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pm-1_smt.a.2"/>
           </part>
           <part id="pm-1_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01a.03"/>
-            <link rel="depends-on" href="#pm-1_smt.a.3"/>
             <p>the information security program plan reflects the coordination among the organizational entities responsible for information security;</p>
+            <link rel="depends-on" href="#pm-1_smt.a.3"/>
           </part>
           <part id="pm-1_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01a.04"/>
-            <link rel="depends-on" href="#pm-1_smt.a.4"/>
             <p>the information security program plan is approved by a senior official with responsibility and accountability for the risk being incurred to organizational operations (including mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation;</p>
+            <link rel="depends-on" href="#pm-1_smt.a.4"/>
           </part>
+          <link rel="depends-on" href="#pm-1_smt.a"/>
         </part>
         <part id="pm-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-01b."/>
-          <link rel="depends-on" href="#pm-1_smt.b"/>
           <part id="pm-1_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01b.[01]"/>
-            <link rel="depends-on" href="#pm-1_smt.b"/>
             <p>the information security program plan is reviewed and updated <insert type="param" id-ref="pm-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#pm-1_smt.b"/>
           </part>
           <part id="pm-1_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01b.[02]"/>
-            <link rel="depends-on" href="#pm-1_smt.b"/>
             <p>the information security program plan is reviewed and updated following <insert type="param" id-ref="pm-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#pm-1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-1_smt.b"/>
         </part>
         <part id="pm-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-01c."/>
-          <link rel="depends-on" href="#pm-1_smt.c"/>
           <part id="pm-1_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01c.[01]"/>
-            <link rel="depends-on" href="#pm-1_smt.c"/>
             <p>the information security program plan is protected from unauthorized disclosure;</p>
+            <link rel="depends-on" href="#pm-1_smt.c"/>
           </part>
           <part id="pm-1_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-01c.[02]"/>
-            <link rel="depends-on" href="#pm-1_smt.c"/>
             <p>the information security program plan is protected from unauthorized modification.</p>
+            <link rel="depends-on" href="#pm-1_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pm-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-1_smt"/>
       </part>
       <part id="pm-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45873,32 +45873,32 @@
       </part>
       <part id="pm-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-02"/>
-        <link rel="depends-on" href="#pm-2_smt"/>
         <part id="pm-2_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-02[01]"/>
-          <link rel="depends-on" href="#pm-2_smt"/>
           <p>a senior agency information security officer is appointed;</p>
+          <link rel="depends-on" href="#pm-2_smt"/>
         </part>
         <part id="pm-2_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-02[02]"/>
-          <link rel="depends-on" href="#pm-2_smt"/>
           <p>the senior agency information security officer is provided with the mission and resources to coordinate an organization-wide information security program;</p>
+          <link rel="depends-on" href="#pm-2_smt"/>
         </part>
         <part id="pm-2_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-02[03]"/>
-          <link rel="depends-on" href="#pm-2_smt"/>
           <p>the senior agency information security officer is provided with the mission and resources to develop an organization-wide information security program;</p>
+          <link rel="depends-on" href="#pm-2_smt"/>
         </part>
         <part id="pm-2_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-02[04]"/>
-          <link rel="depends-on" href="#pm-2_smt"/>
           <p>the senior agency information security officer is provided with the mission and resources to implement an organization-wide information security program;</p>
+          <link rel="depends-on" href="#pm-2_smt"/>
         </part>
         <part id="pm-2_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-02[05]"/>
-          <link rel="depends-on" href="#pm-2_smt"/>
           <p>the senior agency information security officer is provided with the mission and resources to maintain an organization-wide information security program.</p>
+          <link rel="depends-on" href="#pm-2_smt"/>
         </part>
+        <link rel="depends-on" href="#pm-2_smt"/>
       </part>
       <part id="pm-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -45949,49 +45949,49 @@
       </part>
       <part id="pm-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-03"/>
-        <link rel="depends-on" href="#pm-3_smt"/>
         <part id="pm-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-03a."/>
-          <link rel="depends-on" href="#pm-3_smt.a"/>
           <part id="pm-3_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-03a.[01]"/>
-            <link rel="depends-on" href="#pm-3_smt.a"/>
             <p>the resources needed to implement the information security program are included in capital planning and investment requests, and all exceptions are documented;</p>
+            <link rel="depends-on" href="#pm-3_smt.a"/>
           </part>
           <part id="pm-3_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-03a.[02]"/>
-            <link rel="depends-on" href="#pm-3_smt.a"/>
             <p>the resources needed to implement the privacy program are included in capital planning and investment requests, and all exceptions are documented;</p>
+            <link rel="depends-on" href="#pm-3_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-3_smt.a"/>
         </part>
         <part id="pm-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-03b."/>
-          <link rel="depends-on" href="#pm-3_smt.b"/>
           <part id="pm-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-03b.[01]"/>
-            <link rel="depends-on" href="#pm-3_smt.b"/>
             <p>the documentation required for addressing the information security program in capital planning and investment requests is prepared in accordance with applicable laws, executive orders, directives, policies, regulations, standards;</p>
+            <link rel="depends-on" href="#pm-3_smt.b"/>
           </part>
           <part id="pm-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-03b.[02]"/>
-            <link rel="depends-on" href="#pm-3_smt.b"/>
             <p>the documentation required for addressing the privacy program in capital planning and investment requests is prepared in accordance with applicable laws, executive orders, directives, policies, regulations, standards;</p>
+            <link rel="depends-on" href="#pm-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-3_smt.b"/>
         </part>
         <part id="pm-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-03c."/>
-          <link rel="depends-on" href="#pm-3_smt.c"/>
           <part id="pm-3_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-03c.[01]"/>
-            <link rel="depends-on" href="#pm-3_smt.c"/>
             <p>information security resources are made available for expenditure as planned;</p>
+            <link rel="depends-on" href="#pm-3_smt.c"/>
           </part>
           <part id="pm-3_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-03c.[02]"/>
-            <link rel="depends-on" href="#pm-3_smt.c"/>
             <p>privacy resources are made available for expenditure as planned.</p>
+            <link rel="depends-on" href="#pm-3_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pm-3_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-3_smt"/>
       </part>
       <part id="pm-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46068,97 +46068,97 @@
       </part>
       <part id="pm-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-04"/>
-        <link rel="depends-on" href="#pm-4_smt"/>
         <part id="pm-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-04a."/>
-          <link rel="depends-on" href="#pm-4_smt.a"/>
           <part id="pm-4_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-04a.01"/>
-            <link rel="depends-on" href="#pm-4_smt.a.1"/>
             <part id="pm-4_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.01[01]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.1"/>
               <p>a process to ensure that plans of action and milestones for the information security program and associated organizational systems are developed;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.1"/>
             </part>
             <part id="pm-4_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.01[02]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.1"/>
               <p>a process to ensure that plans of action and milestones for the information security program and associated organizational systems are maintained;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.1"/>
             </part>
             <part id="pm-4_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.01[03]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.1"/>
               <p>a process to ensure that plans of action and milestones for the privacy program and associated organizational systems are developed;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.1"/>
             </part>
             <part id="pm-4_obj.a.1-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.01[04]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.1"/>
               <p>a process to ensure that plans of action and milestones for the privacy program and associated organizational systems are maintained;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.1"/>
             </part>
             <part id="pm-4_obj.a.1-5" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.01[05]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.1"/>
               <p>a process to ensure that plans of action and milestones for the supply chain risk management program and associated organizational systems are developed;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.1"/>
             </part>
             <part id="pm-4_obj.a.1-6" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.01[06]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.1"/>
               <p>a process to ensure that plans of action and milestones for the supply chain risk management program and associated organizational systems are maintained;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#pm-4_smt.a.1"/>
           </part>
           <part id="pm-4_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-04a.02"/>
-            <link rel="depends-on" href="#pm-4_smt.a.2"/>
             <part id="pm-4_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.02[01]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.2"/>
               <p>a process to ensure that plans of action and milestones for the information security program and associated organizational systems document remedial information security risk management actions to adequately respond to risks to organizational operations and assets, individuals, other organizations, and the Nation;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.2"/>
             </part>
             <part id="pm-4_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.02[02]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.2"/>
               <p>a process to ensure that plans of action and milestones for the privacy program and associated organizational systems document remedial privacy risk management actions to adequately respond to risks to organizational operations and assets, individuals, other organizations, and the Nation;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.2"/>
             </part>
             <part id="pm-4_obj.a.2-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.02[03]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.2"/>
               <p>a process to ensure that plans of action and milestones for the supply chain risk management program and associated organizational systems document remedial supply chain risk management actions to adequately respond to risks to organizational operations and assets, individuals, other organizations, and the Nation;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pm-4_smt.a.2"/>
           </part>
           <part id="pm-4_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-04a.03"/>
-            <link rel="depends-on" href="#pm-4_smt.a.3"/>
             <part id="pm-4_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.03[01]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.3"/>
               <p>a process to ensure that plans of action and milestones for the information security risk management programs and associated organizational systems are reported in accordance with established reporting requirements;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.3"/>
             </part>
             <part id="pm-4_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.03[02]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.3"/>
               <p>a process to ensure that plans of action and milestones for the privacy risk management programs and associated organizational systems are reported in accordance with established reporting requirements;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.3"/>
             </part>
             <part id="pm-4_obj.a.3-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-04a.03[03]"/>
-              <link rel="depends-on" href="#pm-4_smt.a.3"/>
               <p>a process to ensure that plans of action and milestones for the supply chain risk management programs and associated organizational systems are reported in accordance with established reporting requirements;</p>
+              <link rel="depends-on" href="#pm-4_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#pm-4_smt.a.3"/>
           </part>
+          <link rel="depends-on" href="#pm-4_smt.a"/>
         </part>
         <part id="pm-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-04b."/>
-          <link rel="depends-on" href="#pm-4_smt.b"/>
           <part id="pm-4_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-04b.[01]"/>
-            <link rel="depends-on" href="#pm-4_smt.b"/>
             <p>plans of action and milestones are reviewed for consistency with the organizational risk management strategy;</p>
+            <link rel="depends-on" href="#pm-4_smt.b"/>
           </part>
           <part id="pm-4_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-04b.[02]"/>
-            <link rel="depends-on" href="#pm-4_smt.b"/>
             <p>plans of action and milestones are reviewed for consistency with organization-wide priorities for risk response actions.</p>
+            <link rel="depends-on" href="#pm-4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-4_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pm-4_smt"/>
       </part>
       <part id="pm-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46215,17 +46215,17 @@
       </part>
       <part id="pm-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-05"/>
-        <link rel="depends-on" href="#pm-5_smt"/>
         <part id="pm-5_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-05[01]"/>
-          <link rel="depends-on" href="#pm-5_smt"/>
           <p>an inventory of organizational systems is developed;</p>
+          <link rel="depends-on" href="#pm-5_smt"/>
         </part>
         <part id="pm-5_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-05[02]"/>
-          <link rel="depends-on" href="#pm-5_smt"/>
           <p>the inventory of organizational systems is updated <insert type="param" id-ref="pm-05_odp"/>.</p>
+          <link rel="depends-on" href="#pm-5_smt"/>
         </part>
+        <link rel="depends-on" href="#pm-5_smt"/>
       </part>
       <part id="pm-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46288,22 +46288,22 @@
         </part>
         <part id="pm-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-05(01)"/>
-          <link rel="depends-on" href="#pm-5.1_smt"/>
           <part id="pm-5.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-05(01)[01]"/>
-            <link rel="depends-on" href="#pm-5.1_smt"/>
             <p>an inventory of all systems, applications, and projects that process personally identifiable information is established;</p>
+            <link rel="depends-on" href="#pm-5.1_smt"/>
           </part>
           <part id="pm-5.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-05(01)[02]"/>
-            <link rel="depends-on" href="#pm-5.1_smt"/>
             <p>an inventory of all systems, applications, and projects that process personally identifiable information is maintained;</p>
+            <link rel="depends-on" href="#pm-5.1_smt"/>
           </part>
           <part id="pm-5.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-05(01)[03]"/>
-            <link rel="depends-on" href="#pm-5.1_smt"/>
             <p>an inventory of all systems, applications, and projects that process personally identifiable information is updated <insert type="param" id-ref="pm-05.01_odp"/>.</p>
+            <link rel="depends-on" href="#pm-5.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pm-5.1_smt"/>
         </part>
         <part id="pm-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46361,37 +46361,37 @@
       </part>
       <part id="pm-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-06"/>
-        <link rel="depends-on" href="#pm-6_smt"/>
         <part id="pm-6_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-06[01]"/>
-          <link rel="depends-on" href="#pm-6_smt"/>
           <p>information security measures of performance are developed;</p>
+          <link rel="depends-on" href="#pm-6_smt"/>
         </part>
         <part id="pm-6_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-06[02]"/>
-          <link rel="depends-on" href="#pm-6_smt"/>
           <p>information security measures of performance are monitored;</p>
+          <link rel="depends-on" href="#pm-6_smt"/>
         </part>
         <part id="pm-6_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-06[03]"/>
-          <link rel="depends-on" href="#pm-6_smt"/>
           <p>the results of information security measures of performance are reported;</p>
+          <link rel="depends-on" href="#pm-6_smt"/>
         </part>
         <part id="pm-6_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-06[04]"/>
-          <link rel="depends-on" href="#pm-6_smt"/>
           <p>privacy measures of performance are developed;</p>
+          <link rel="depends-on" href="#pm-6_smt"/>
         </part>
         <part id="pm-6_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-06[05]"/>
-          <link rel="depends-on" href="#pm-6_smt"/>
           <p>privacy measures of performance are monitored;</p>
+          <link rel="depends-on" href="#pm-6_smt"/>
         </part>
         <part id="pm-6_obj-6" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-06[06]"/>
-          <link rel="depends-on" href="#pm-6_smt"/>
           <p>the results of privacy measures of performance are reported.</p>
+          <link rel="depends-on" href="#pm-6_smt"/>
         </part>
+        <link rel="depends-on" href="#pm-6_smt"/>
       </part>
       <part id="pm-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46451,37 +46451,37 @@
       </part>
       <part id="pm-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-07"/>
-        <link rel="depends-on" href="#pm-7_smt"/>
         <part id="pm-7_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-07[01]"/>
-          <link rel="depends-on" href="#pm-7_smt"/>
           <p>an enterprise architecture is developed with consideration for information security;</p>
+          <link rel="depends-on" href="#pm-7_smt"/>
         </part>
         <part id="pm-7_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-07[02]"/>
-          <link rel="depends-on" href="#pm-7_smt"/>
           <p>an enterprise architecture is maintained with consideration for information security;</p>
+          <link rel="depends-on" href="#pm-7_smt"/>
         </part>
         <part id="pm-7_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-07[03]"/>
-          <link rel="depends-on" href="#pm-7_smt"/>
           <p>an enterprise architecture is developed with consideration for privacy;</p>
+          <link rel="depends-on" href="#pm-7_smt"/>
         </part>
         <part id="pm-7_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-07[04]"/>
-          <link rel="depends-on" href="#pm-7_smt"/>
           <p>an enterprise architecture is maintained with consideration for privacy;</p>
+          <link rel="depends-on" href="#pm-7_smt"/>
         </part>
         <part id="pm-7_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-07[05]"/>
-          <link rel="depends-on" href="#pm-7_smt"/>
           <p>an enterprise architecture is developed with consideration for the resulting risk to organizational operations and assets, individuals, other organizations, and the Nation;</p>
+          <link rel="depends-on" href="#pm-7_smt"/>
         </part>
         <part id="pm-7_obj-6" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-07[06]"/>
-          <link rel="depends-on" href="#pm-7_smt"/>
           <p>an enterprise architecture is maintained with consideration for the resulting risk to organizational operations and assets, individuals, other organizations, and the Nation.</p>
+          <link rel="depends-on" href="#pm-7_smt"/>
         </part>
+        <link rel="depends-on" href="#pm-7_smt"/>
       </part>
       <part id="pm-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46537,8 +46537,8 @@
         </part>
         <part id="pm-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-07(01)"/>
-          <link rel="depends-on" href="#pm-7.1_smt"/>
           <p><insert type="param" id-ref="pm-07.01_odp"/> are offloaded to other systems, system components, or an external provider.</p>
+          <link rel="depends-on" href="#pm-7.1_smt"/>
         </part>
         <part id="pm-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46601,37 +46601,37 @@
       </part>
       <part id="pm-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-08"/>
-        <link rel="depends-on" href="#pm-8_smt"/>
         <part id="pm-8_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-08[01]"/>
-          <link rel="depends-on" href="#pm-8_smt"/>
           <p>information security issues are addressed in the development of a critical infrastructure and key resources protection plan;</p>
+          <link rel="depends-on" href="#pm-8_smt"/>
         </part>
         <part id="pm-8_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-08[02]"/>
-          <link rel="depends-on" href="#pm-8_smt"/>
           <p>information security issues are addressed in the documentation of a critical infrastructure and key resources protection plan;</p>
+          <link rel="depends-on" href="#pm-8_smt"/>
         </part>
         <part id="pm-8_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-08[03]"/>
-          <link rel="depends-on" href="#pm-8_smt"/>
           <p>information security issues are addressed in the update of a critical infrastructure and key resources protection plan;</p>
+          <link rel="depends-on" href="#pm-8_smt"/>
         </part>
         <part id="pm-8_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-08[04]"/>
-          <link rel="depends-on" href="#pm-8_smt"/>
           <p>privacy issues are addressed in the development of a critical infrastructure and key resources protection plan;</p>
+          <link rel="depends-on" href="#pm-8_smt"/>
         </part>
         <part id="pm-8_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-08[05]"/>
-          <link rel="depends-on" href="#pm-8_smt"/>
           <p>privacy issues are addressed in the documentation of a critical infrastructure and key resources protection plan;</p>
+          <link rel="depends-on" href="#pm-8_smt"/>
         </part>
         <part id="pm-8_obj-6" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-08[06]"/>
-          <link rel="depends-on" href="#pm-8_smt"/>
           <p>privacy issues are addressed in the update of a critical infrastructure and key resources protection plan.</p>
+          <link rel="depends-on" href="#pm-8_smt"/>
         </part>
+        <link rel="depends-on" href="#pm-8_smt"/>
       </part>
       <part id="pm-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46749,31 +46749,31 @@
       </part>
       <part id="pm-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-09"/>
-        <link rel="depends-on" href="#pm-9_smt"/>
         <part id="pm-9_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-09a."/>
-          <link rel="depends-on" href="#pm-9_smt.a"/>
           <part id="pm-9_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-09a.01"/>
-            <link rel="depends-on" href="#pm-9_smt.a.1"/>
             <p>a comprehensive strategy is developed to manage security risk to organizational operations and assets, individuals, other organizations, and the Nation associated with the operation and use of organizational systems;</p>
+            <link rel="depends-on" href="#pm-9_smt.a.1"/>
           </part>
           <part id="pm-9_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-09a.02"/>
-            <link rel="depends-on" href="#pm-9_smt.a.2"/>
             <p>a comprehensive strategy is developed to manage privacy risk to individuals resulting from the authorized processing of personally identifiable information;</p>
+            <link rel="depends-on" href="#pm-9_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#pm-9_smt.a"/>
         </part>
         <part id="pm-9_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-09b."/>
-          <link rel="depends-on" href="#pm-9_smt.b"/>
           <p>the risk management strategy is implemented consistently across the organization;</p>
+          <link rel="depends-on" href="#pm-9_smt.b"/>
         </part>
         <part id="pm-9_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-09c."/>
-          <link rel="depends-on" href="#pm-9_smt.c"/>
           <p>the risk management strategy is reviewed and updated <insert type="param" id-ref="pm-09_odp"/> or as required to address organizational changes.</p>
+          <link rel="depends-on" href="#pm-9_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-9_smt"/>
       </part>
       <part id="pm-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46838,31 +46838,31 @@
       </part>
       <part id="pm-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-10"/>
-        <link rel="depends-on" href="#pm-10_smt"/>
         <part id="pm-10_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-10a."/>
-          <link rel="depends-on" href="#pm-10_smt.a"/>
           <part id="pm-10_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-10a.[01]"/>
-            <link rel="depends-on" href="#pm-10_smt.a"/>
             <p>the security state of organizational systems and the environments in which those systems operate are managed through authorization processes;</p>
+            <link rel="depends-on" href="#pm-10_smt.a"/>
           </part>
           <part id="pm-10_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-10a.[02]"/>
-            <link rel="depends-on" href="#pm-10_smt.a"/>
             <p>the privacy state of organizational systems and the environments in which those systems operate are managed through authorization processes;</p>
+            <link rel="depends-on" href="#pm-10_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-10_smt.a"/>
         </part>
         <part id="pm-10_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-10b."/>
-          <link rel="depends-on" href="#pm-10_smt.b"/>
           <p>individuals are designated to fulfill specific roles and responsibilities within the organizational risk management process;</p>
+          <link rel="depends-on" href="#pm-10_smt.b"/>
         </part>
         <part id="pm-10_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-10c."/>
-          <link rel="depends-on" href="#pm-10_smt.c"/>
           <p>the authorization processes are integrated into an organization-wide risk management program.</p>
+          <link rel="depends-on" href="#pm-10_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-10_smt"/>
       </part>
       <part id="pm-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -46945,45 +46945,45 @@
       </part>
       <part id="pm-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-11"/>
-        <link rel="depends-on" href="#pm-11_smt"/>
         <part id="pm-11_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-11a."/>
-          <link rel="depends-on" href="#pm-11_smt.a"/>
           <part id="pm-11_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-11a.[01]"/>
-            <link rel="depends-on" href="#pm-11_smt.a"/>
             <p>organizational mission and business processes are defined with consideration for information security;</p>
+            <link rel="depends-on" href="#pm-11_smt.a"/>
           </part>
           <part id="pm-11_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-11a.[02]"/>
-            <link rel="depends-on" href="#pm-11_smt.a"/>
             <p>organizational mission and business processes are defined with consideration for privacy;</p>
+            <link rel="depends-on" href="#pm-11_smt.a"/>
           </part>
           <part id="pm-11_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-11a.[03]"/>
-            <link rel="depends-on" href="#pm-11_smt.a"/>
             <p>organizational mission and business processes are defined with consideration for the resulting risk to organizational operations, organizational assets, individuals, other organizations, and the Nation;</p>
+            <link rel="depends-on" href="#pm-11_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-11_smt.a"/>
         </part>
         <part id="pm-11_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-11b."/>
-          <link rel="depends-on" href="#pm-11_smt.b"/>
           <part id="pm-11_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-11b.[01]"/>
-            <link rel="depends-on" href="#pm-11_smt.b"/>
             <p>information protection needs arising from the defined mission and business processes are determined;</p>
+            <link rel="depends-on" href="#pm-11_smt.b"/>
           </part>
           <part id="pm-11_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-11b.[02]"/>
-            <link rel="depends-on" href="#pm-11_smt.b"/>
             <p>personally identifiable information processing needs arising from the defined mission and business processes are determined;</p>
+            <link rel="depends-on" href="#pm-11_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-11_smt.b"/>
         </part>
         <part id="pm-11_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-11c."/>
-          <link rel="depends-on" href="#pm-11_smt.c"/>
           <p>the mission and business processes are reviewed and revised <insert type="param" id-ref="pm-11_odp"/>.</p>
+          <link rel="depends-on" href="#pm-11_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-11_smt"/>
       </part>
       <part id="pm-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47058,8 +47058,8 @@
       </part>
       <part id="pm-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-12"/>
-        <link rel="depends-on" href="#pm-12_smt"/>
         <p>an insider threat program that includes a cross-discipline insider threat incident handling team is implemented.</p>
+        <link rel="depends-on" href="#pm-12_smt"/>
       </part>
       <part id="pm-12_asm-interview" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="INTERVIEW"/>
@@ -47099,17 +47099,17 @@
       </part>
       <part id="pm-13_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-13"/>
-        <link rel="depends-on" href="#pm-13_smt"/>
         <part id="pm-13_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-13[01]"/>
-          <link rel="depends-on" href="#pm-13_smt"/>
           <p>a security workforce development and improvement program is established;</p>
+          <link rel="depends-on" href="#pm-13_smt"/>
         </part>
         <part id="pm-13_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-13[02]"/>
-          <link rel="depends-on" href="#pm-13_smt"/>
           <p>a privacy workforce development and improvement program is established.</p>
+          <link rel="depends-on" href="#pm-13_smt"/>
         </part>
+        <link rel="depends-on" href="#pm-13_smt"/>
       </part>
       <part id="pm-13_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47184,83 +47184,83 @@
       </part>
       <part id="pm-14_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-14"/>
-        <link rel="depends-on" href="#pm-14_smt"/>
         <part id="pm-14_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-14a."/>
-          <link rel="depends-on" href="#pm-14_smt.a"/>
           <part id="pm-14_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14a.01"/>
-            <link rel="depends-on" href="#pm-14_smt.a.1"/>
             <part id="pm-14_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-14a.01[01]"/>
-              <link rel="depends-on" href="#pm-14_smt.a.1"/>
               <p>a process is implemented for ensuring that organizational plans for conducting security testing, training, and monitoring activities associated with organizational systems are developed;</p>
+              <link rel="depends-on" href="#pm-14_smt.a.1"/>
             </part>
             <part id="pm-14_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-14a.01[02]"/>
-              <link rel="depends-on" href="#pm-14_smt.a.1"/>
               <p>a process is implemented for ensuring that organizational plans for conducting security testing, training, and monitoring activities associated with organizational systems are maintained;</p>
+              <link rel="depends-on" href="#pm-14_smt.a.1"/>
             </part>
             <part id="pm-14_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-14a.01[03]"/>
-              <link rel="depends-on" href="#pm-14_smt.a.1"/>
               <p>a process is implemented for ensuring that organizational plans for conducting privacy testing, training, and monitoring activities associated with organizational systems are developed;</p>
+              <link rel="depends-on" href="#pm-14_smt.a.1"/>
             </part>
             <part id="pm-14_obj.a.1-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-14a.01[04]"/>
-              <link rel="depends-on" href="#pm-14_smt.a.1"/>
               <p>a process is implemented for ensuring that organizational plans for conducting privacy testing, training, and monitoring activities associated with organizational systems are maintained;</p>
+              <link rel="depends-on" href="#pm-14_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#pm-14_smt.a.1"/>
           </part>
           <part id="pm-14_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14a.02"/>
-            <link rel="depends-on" href="#pm-14_smt.a.2"/>
             <part id="pm-14_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-14a.02[01]"/>
-              <link rel="depends-on" href="#pm-14_smt.a.2"/>
               <p>a process is implemented for ensuring that organizational plans for conducting security testing, training, and monitoring activities associated with organizational systems continue to be executed;</p>
+              <link rel="depends-on" href="#pm-14_smt.a.2"/>
             </part>
             <part id="pm-14_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-14a.02[02]"/>
-              <link rel="depends-on" href="#pm-14_smt.a.2"/>
               <p>a process is implemented for ensuring that organizational plans for conducting privacy testing, training, and monitoring activities associated with organizational systems continue to be executed;</p>
+              <link rel="depends-on" href="#pm-14_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pm-14_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#pm-14_smt.a"/>
         </part>
         <part id="pm-14_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-14b."/>
-          <link rel="depends-on" href="#pm-14_smt.b"/>
           <part id="pm-14_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14b.[01]"/>
-            <link rel="depends-on" href="#pm-14_smt.b"/>
             <p>testing plans are reviewed for consistency with the organizational risk management strategy;</p>
+            <link rel="depends-on" href="#pm-14_smt.b"/>
           </part>
           <part id="pm-14_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14b.[02]"/>
-            <link rel="depends-on" href="#pm-14_smt.b"/>
             <p>training plans are reviewed for consistency with the organizational risk management strategy;</p>
+            <link rel="depends-on" href="#pm-14_smt.b"/>
           </part>
           <part id="pm-14_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14b.[03]"/>
-            <link rel="depends-on" href="#pm-14_smt.b"/>
             <p>monitoring plans are reviewed for consistency with the organizational risk management strategy;</p>
+            <link rel="depends-on" href="#pm-14_smt.b"/>
           </part>
           <part id="pm-14_obj.b-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14b.[04]"/>
-            <link rel="depends-on" href="#pm-14_smt.b"/>
             <p>testing plans are reviewed for consistency with organization-wide priorities for risk response actions;</p>
+            <link rel="depends-on" href="#pm-14_smt.b"/>
           </part>
           <part id="pm-14_obj.b-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14b.[05]"/>
-            <link rel="depends-on" href="#pm-14_smt.b"/>
             <p>training plans are reviewed for consistency with organization-wide priorities for risk response actions;</p>
+            <link rel="depends-on" href="#pm-14_smt.b"/>
           </part>
           <part id="pm-14_obj.b-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-14b.[06]"/>
-            <link rel="depends-on" href="#pm-14_smt.b"/>
             <p>monitoring plans are reviewed for consistency with organization-wide priorities for risk response actions.</p>
+            <link rel="depends-on" href="#pm-14_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-14_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pm-14_smt"/>
       </part>
       <part id="pm-14_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47323,49 +47323,49 @@
       </part>
       <part id="pm-15_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-15"/>
-        <link rel="depends-on" href="#pm-15_smt"/>
         <part id="pm-15_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-15a."/>
-          <link rel="depends-on" href="#pm-15_smt.a"/>
           <part id="pm-15_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-15a.[01]"/>
-            <link rel="depends-on" href="#pm-15_smt.a"/>
             <p>contact is established and institutionalized with selected groups and associations within the security community to facilitate ongoing security education and training for organizational personnel;</p>
+            <link rel="depends-on" href="#pm-15_smt.a"/>
           </part>
           <part id="pm-15_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-15a.[02]"/>
-            <link rel="depends-on" href="#pm-15_smt.a"/>
             <p>contact is established and institutionalized with selected groups and associations within the privacy community to facilitate ongoing privacy education and training for organizational personnel;</p>
+            <link rel="depends-on" href="#pm-15_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-15_smt.a"/>
         </part>
         <part id="pm-15_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-15b."/>
-          <link rel="depends-on" href="#pm-15_smt.b"/>
           <part id="pm-15_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-15b.[01]"/>
-            <link rel="depends-on" href="#pm-15_smt.b"/>
             <p>contact is established and institutionalized with selected groups and associations within the security community to maintain currency with recommended security practices, techniques, and technologies;</p>
+            <link rel="depends-on" href="#pm-15_smt.b"/>
           </part>
           <part id="pm-15_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-15b.[02]"/>
-            <link rel="depends-on" href="#pm-15_smt.b"/>
             <p>contact is established and institutionalized with selected groups and associations within the privacy community to maintain currency with recommended privacy practices, techniques, and technologies;</p>
+            <link rel="depends-on" href="#pm-15_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-15_smt.b"/>
         </part>
         <part id="pm-15_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-15c."/>
-          <link rel="depends-on" href="#pm-15_smt.c"/>
           <part id="pm-15_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-15c.[01]"/>
-            <link rel="depends-on" href="#pm-15_smt.c"/>
             <p>contact is established and institutionalized with selected groups and associations within the security community to share current security information, including threats, vulnerabilities, and incidents;</p>
+            <link rel="depends-on" href="#pm-15_smt.c"/>
           </part>
           <part id="pm-15_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-15c.[02]"/>
-            <link rel="depends-on" href="#pm-15_smt.c"/>
             <p>contact is established and institutionalized with selected groups and associations within the privacy community to share current privacy information, including threats, vulnerabilities, and incidents.</p>
+            <link rel="depends-on" href="#pm-15_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pm-15_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-15_smt"/>
       </part>
       <part id="pm-15_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47415,8 +47415,8 @@
       </part>
       <part id="pm-16_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-16"/>
-        <link rel="depends-on" href="#pm-16_smt"/>
         <p>a threat awareness program that includes a cross-organization information-sharing capability for threat intelligence is implemented.</p>
+        <link rel="depends-on" href="#pm-16_smt"/>
       </part>
       <part id="pm-16_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47468,8 +47468,8 @@
         </part>
         <part id="pm-16.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-16(01)"/>
-          <link rel="depends-on" href="#pm-16.1_smt"/>
           <p>automated mechanisms are employed to maximize the effectiveness of sharing threat intelligence information.</p>
+          <link rel="depends-on" href="#pm-16.1_smt"/>
         </part>
         <part id="pm-16.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47554,35 +47554,35 @@
       </part>
       <part id="pm-17_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-17"/>
-        <link rel="depends-on" href="#pm-17_smt"/>
         <part id="pm-17_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-17a."/>
-          <link rel="depends-on" href="#pm-17_smt.a"/>
           <part id="pm-17_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-17a.[01]"/>
-            <link rel="depends-on" href="#pm-17_smt.a"/>
             <p>policy is established to ensure that requirements for the protection of controlled unclassified information that is processed, stored, or transmitted on external systems are implemented in accordance with applicable laws, executive orders, directives, policies, regulations, and standards;</p>
+            <link rel="depends-on" href="#pm-17_smt.a"/>
           </part>
           <part id="pm-17_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-17a.[02]"/>
-            <link rel="depends-on" href="#pm-17_smt.a"/>
             <p>procedures are established to ensure that requirements for the protection of controlled unclassified information that is processed, stored, or transmitted on external systems are implemented in accordance with applicable laws, executive orders, directives, policies, regulations, and standards;</p>
+            <link rel="depends-on" href="#pm-17_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-17_smt.a"/>
         </part>
         <part id="pm-17_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-17b."/>
-          <link rel="depends-on" href="#pm-17_smt.b"/>
           <part id="pm-17_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-17b.[01]"/>
-            <link rel="depends-on" href="#pm-17_smt.b"/>
             <p>policy is reviewed and updated <insert type="param" id-ref="pm-17_odp.01"/>;</p>
+            <link rel="depends-on" href="#pm-17_smt.b"/>
           </part>
           <part id="pm-17_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-17b.[02]"/>
-            <link rel="depends-on" href="#pm-17_smt.b"/>
             <p>procedures are reviewed and updated <insert type="param" id-ref="pm-17_odp.02"/> </p>
+            <link rel="depends-on" href="#pm-17_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-17_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pm-17_smt"/>
       </part>
       <part id="pm-17_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47663,121 +47663,121 @@
       </part>
       <part id="pm-18_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-18"/>
-        <link rel="depends-on" href="#pm-18_smt"/>
         <part id="pm-18_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-18a."/>
-          <link rel="depends-on" href="#pm-18_smt.a"/>
           <part id="pm-18_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.[01]"/>
-            <link rel="depends-on" href="#pm-18_smt.a"/>
             <p>an organization-wide privacy program plan that provides an overview of the agency’s privacy program is developed;</p>
+            <link rel="depends-on" href="#pm-18_smt.a"/>
           </part>
           <part id="pm-18_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.01"/>
-            <link rel="depends-on" href="#pm-18_smt.a.1"/>
             <part id="pm-18_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.01[01]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.1"/>
               <p>the privacy program plan includes a description of the structure of the privacy program;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.1"/>
             </part>
             <part id="pm-18_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.01[02]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.1"/>
               <p>the privacy program plan includes a description of the resources dedicated to the privacy program;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#pm-18_smt.a.1"/>
           </part>
           <part id="pm-18_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.02"/>
-            <link rel="depends-on" href="#pm-18_smt.a.2"/>
             <part id="pm-18_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.02[01]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.2"/>
               <p>the privacy program plan provides an overview of the requirements for the privacy program;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.2"/>
             </part>
             <part id="pm-18_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.02[02]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.2"/>
               <p>the privacy program plan provides a description of the privacy program management controls in place or planned for meeting the requirements of the privacy program;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.2"/>
             </part>
             <part id="pm-18_obj.a.2-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.02[03]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.2"/>
               <p>the privacy program plan provides a description of common controls in place or planned for meeting the requirements of the privacy program;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pm-18_smt.a.2"/>
           </part>
           <part id="pm-18_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.03"/>
-            <link rel="depends-on" href="#pm-18_smt.a.3"/>
             <part id="pm-18_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.03[01]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.3"/>
               <p>the privacy program plan includes the role of the senior agency official for privacy;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.3"/>
             </part>
             <part id="pm-18_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.03[02]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.3"/>
               <p>the privacy program plan includes the identification and assignment of the roles of other privacy officials and staff and their responsibilities;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#pm-18_smt.a.3"/>
           </part>
           <part id="pm-18_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.04"/>
-            <link rel="depends-on" href="#pm-18_smt.a.4"/>
             <part id="pm-18_obj.a.4-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.04[01]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.4"/>
               <p>the privacy program plan describes management commitment;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.4"/>
             </part>
             <part id="pm-18_obj.a.4-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.04[02]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.4"/>
               <p>the privacy program plan describes compliance;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.4"/>
             </part>
             <part id="pm-18_obj.a.4-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-18a.04[03]"/>
-              <link rel="depends-on" href="#pm-18_smt.a.4"/>
               <p>the privacy program plan describes the strategic goals and objectives of the privacy program;</p>
+              <link rel="depends-on" href="#pm-18_smt.a.4"/>
             </part>
+            <link rel="depends-on" href="#pm-18_smt.a.4"/>
           </part>
           <part id="pm-18_obj.a.5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.05"/>
-            <link rel="depends-on" href="#pm-18_smt.a.5"/>
             <p>the privacy program plan reflects coordination among organizational entities responsible for the different aspects of privacy;</p>
+            <link rel="depends-on" href="#pm-18_smt.a.5"/>
           </part>
           <part id="pm-18_obj.a.6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.06"/>
-            <link rel="depends-on" href="#pm-18_smt.a.6"/>
             <p>the privacy program plan is approved by a senior official with responsibility and accountability for the privacy risk being incurred by organizational operations (including, mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation;</p>
+            <link rel="depends-on" href="#pm-18_smt.a.6"/>
           </part>
           <part id="pm-18_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18a.[02]"/>
-            <link rel="depends-on" href="#pm-18_smt.a"/>
             <p>the privacy program plan is disseminated;</p>
+            <link rel="depends-on" href="#pm-18_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-18_smt.a"/>
         </part>
         <part id="pm-18_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-18b."/>
-          <link rel="depends-on" href="#pm-18_smt.b"/>
           <part id="pm-18_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18b.[01]"/>
-            <link rel="depends-on" href="#pm-18_smt.b"/>
             <p>the privacy program plan is updated <insert type="param" id-ref="pm-18_odp"/>;</p>
+            <link rel="depends-on" href="#pm-18_smt.b"/>
           </part>
           <part id="pm-18_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18b.[02]"/>
-            <link rel="depends-on" href="#pm-18_smt.b"/>
             <p>the privacy program plan is updated to address changes in federal privacy laws and policies;</p>
+            <link rel="depends-on" href="#pm-18_smt.b"/>
           </part>
           <part id="pm-18_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18b.[03]"/>
-            <link rel="depends-on" href="#pm-18_smt.b"/>
             <p>the privacy program plan is updated to address organizational changes;</p>
+            <link rel="depends-on" href="#pm-18_smt.b"/>
           </part>
           <part id="pm-18_obj.b-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-18b.[04]"/>
-            <link rel="depends-on" href="#pm-18_smt.b"/>
             <p>the privacy program plan is updated to address problems identified during plan implementation or privacy control assessments.</p>
+            <link rel="depends-on" href="#pm-18_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-18_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pm-18_smt"/>
       </part>
       <part id="pm-18_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47820,32 +47820,32 @@
       </part>
       <part id="pm-19_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-19"/>
-        <link rel="depends-on" href="#pm-19_smt"/>
         <part id="pm-19_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-19[01]"/>
-          <link rel="depends-on" href="#pm-19_smt"/>
           <p>a senior agency official for privacy with authority, mission, accountability, and resources is appointed;</p>
+          <link rel="depends-on" href="#pm-19_smt"/>
         </part>
         <part id="pm-19_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-19[02]"/>
-          <link rel="depends-on" href="#pm-19_smt"/>
           <p>the senior agency official for privacy coordinates applicable privacy requirements;</p>
+          <link rel="depends-on" href="#pm-19_smt"/>
         </part>
         <part id="pm-19_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-19[03]"/>
-          <link rel="depends-on" href="#pm-19_smt"/>
           <p>the senior agency official for privacy develops applicable privacy requirements;</p>
+          <link rel="depends-on" href="#pm-19_smt"/>
         </part>
         <part id="pm-19_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-19[04]"/>
-          <link rel="depends-on" href="#pm-19_smt"/>
           <p>the senior agency official for privacy implements applicable privacy requirements;</p>
+          <link rel="depends-on" href="#pm-19_smt"/>
         </part>
         <part id="pm-19_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-19[05]"/>
-          <link rel="depends-on" href="#pm-19_smt"/>
           <p>the senior agency official for privacy manages privacy risks through the organization-wide privacy program.</p>
+          <link rel="depends-on" href="#pm-19_smt"/>
         </part>
+        <link rel="depends-on" href="#pm-19_smt"/>
       </part>
       <part id="pm-19_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -47909,50 +47909,50 @@
       </part>
       <part id="pm-20_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-20"/>
-        <link rel="depends-on" href="#pm-20_smt"/>
         <part id="pm-20_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-20[01]"/>
-          <link rel="depends-on" href="#pm-20_smt"/>
           <p>a central resource webpage is maintained on the organization’s principal public website;</p>
+          <link rel="depends-on" href="#pm-20_smt"/>
         </part>
         <part id="pm-20_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-20[02]"/>
-          <link rel="depends-on" href="#pm-20_smt"/>
           <p>the webpage serves as a central source of information about the organization’s privacy program;</p>
+          <link rel="depends-on" href="#pm-20_smt"/>
         </part>
         <part id="pm-20_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-20a."/>
-          <link rel="depends-on" href="#pm-20_smt.a"/>
           <part id="pm-20_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20a.[01]"/>
-            <link rel="depends-on" href="#pm-20_smt.a"/>
             <p>the webpage ensures that the public has access to information about organizational privacy activities;</p>
+            <link rel="depends-on" href="#pm-20_smt.a"/>
           </part>
           <part id="pm-20_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20a.[02]"/>
-            <link rel="depends-on" href="#pm-20_smt.a"/>
             <p>the webpage ensures that the public can communicate with its senior agency official for privacy;</p>
+            <link rel="depends-on" href="#pm-20_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-20_smt.a"/>
         </part>
         <part id="pm-20_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-20b."/>
-          <link rel="depends-on" href="#pm-20_smt.b"/>
           <part id="pm-20_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20b.[01]"/>
-            <link rel="depends-on" href="#pm-20_smt.b"/>
             <p>the webpage ensures that organizational privacy practices are publicly available;</p>
+            <link rel="depends-on" href="#pm-20_smt.b"/>
           </part>
           <part id="pm-20_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20b.[02]"/>
-            <link rel="depends-on" href="#pm-20_smt.b"/>
             <p>the webpage ensures that organizational privacy reports are publicly available;</p>
+            <link rel="depends-on" href="#pm-20_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-20_smt.b"/>
         </part>
         <part id="pm-20_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-20c."/>
-          <link rel="depends-on" href="#pm-20_smt.c"/>
           <p>the webpage employs publicly facing email addresses and/or phone numbers to enable the public to provide feedback and/or direct questions to privacy offices regarding privacy practices.</p>
+          <link rel="depends-on" href="#pm-20_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-20_smt"/>
       </part>
       <part id="pm-20_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48012,64 +48012,64 @@
         </part>
         <part id="pm-20.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-20(01)"/>
-          <link rel="depends-on" href="#pm-20.1_smt"/>
           <part id="pm-20.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20(01)[01]"/>
-            <link rel="depends-on" href="#pm-20.1_smt"/>
             <p>privacy policies are developed and posted on all external-facing websites;</p>
+            <link rel="depends-on" href="#pm-20.1_smt"/>
           </part>
           <part id="pm-20.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20(01)[02]"/>
-            <link rel="depends-on" href="#pm-20.1_smt"/>
             <p>privacy policies are developed and posted on all mobile applications;</p>
+            <link rel="depends-on" href="#pm-20.1_smt"/>
           </part>
           <part id="pm-20.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20(01)[03]"/>
-            <link rel="depends-on" href="#pm-20.1_smt"/>
             <p>privacy policies are developed and posted on all other digital services;</p>
+            <link rel="depends-on" href="#pm-20.1_smt"/>
           </part>
           <part id="pm-20.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20(01)(a)"/>
-            <link rel="depends-on" href="#pm-20.1_smt.a"/>
             <part id="pm-20.1_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-20(01)(a)[01]"/>
-              <link rel="depends-on" href="#pm-20.1_smt.a"/>
               <p>the privacy policies are written in plain language;</p>
+              <link rel="depends-on" href="#pm-20.1_smt.a"/>
             </part>
             <part id="pm-20.1_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-20(01)(a)[02]"/>
-              <link rel="depends-on" href="#pm-20.1_smt.a"/>
               <p>the privacy policies are organized in a way that is easy to understand and navigate;</p>
+              <link rel="depends-on" href="#pm-20.1_smt.a"/>
             </part>
+            <link rel="depends-on" href="#pm-20.1_smt.a"/>
           </part>
           <part id="pm-20.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20(01)(b)"/>
-            <link rel="depends-on" href="#pm-20.1_smt.b"/>
             <part id="pm-20.1_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-20(01)(b)[01]"/>
-              <link rel="depends-on" href="#pm-20.1_smt.b"/>
               <p>the privacy policies provide the information needed by the public to make an informed decision about whether to interact with the organization;</p>
+              <link rel="depends-on" href="#pm-20.1_smt.b"/>
             </part>
             <part id="pm-20.1_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-20(01)(b)[02]"/>
-              <link rel="depends-on" href="#pm-20.1_smt.b"/>
               <p>the privacy policies provide the information needed by the public to make an informed decision about how to interact with the organization;</p>
+              <link rel="depends-on" href="#pm-20.1_smt.b"/>
             </part>
+            <link rel="depends-on" href="#pm-20.1_smt.b"/>
           </part>
           <part id="pm-20.1_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-20(01)(c)"/>
-            <link rel="depends-on" href="#pm-20.1_smt.c"/>
             <part id="pm-20.1_obj.c-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-20(01)(c)[01]"/>
-              <link rel="depends-on" href="#pm-20.1_smt.c"/>
               <p>the privacy policies are updated whenever the organization makes a substantive change to the practices it describes;</p>
+              <link rel="depends-on" href="#pm-20.1_smt.c"/>
             </part>
             <part id="pm-20.1_obj.c-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-20(01)(c)[02]"/>
-              <link rel="depends-on" href="#pm-20.1_smt.c"/>
               <p>the privacy policies include a time/date stamp to inform the public of the date of the most recent changes.</p>
+              <link rel="depends-on" href="#pm-20.1_smt.c"/>
             </part>
+            <link rel="depends-on" href="#pm-20.1_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pm-20.1_smt"/>
         </part>
         <part id="pm-20.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48137,55 +48137,55 @@
       </part>
       <part id="pm-21_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-21"/>
-        <link rel="depends-on" href="#pm-21_smt"/>
         <part id="pm-21_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-21a."/>
-          <link rel="depends-on" href="#pm-21_smt.a"/>
           <p>an accurate accounting of disclosures of personally identifiable information is developed and maintained;</p>
           <part id="pm-21_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-21a.01"/>
-            <link rel="depends-on" href="#pm-21_smt.a.1"/>
             <part id="pm-21_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-21a.01[01]"/>
-              <link rel="depends-on" href="#pm-21_smt.a.1"/>
               <p>the accounting includes the date of each disclosure;</p>
+              <link rel="depends-on" href="#pm-21_smt.a.1"/>
             </part>
             <part id="pm-21_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-21a.01[02]"/>
-              <link rel="depends-on" href="#pm-21_smt.a.1"/>
               <p>the accounting includes the nature of each disclosure;</p>
+              <link rel="depends-on" href="#pm-21_smt.a.1"/>
             </part>
             <part id="pm-21_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-21a.01[03]"/>
-              <link rel="depends-on" href="#pm-21_smt.a.1"/>
               <p>the accounting includes the purpose of each disclosure;</p>
+              <link rel="depends-on" href="#pm-21_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#pm-21_smt.a.1"/>
           </part>
           <part id="pm-21_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-21a.02"/>
-            <link rel="depends-on" href="#pm-21_smt.a.2"/>
             <part id="pm-21_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-21a.02[01]"/>
-              <link rel="depends-on" href="#pm-21_smt.a.2"/>
               <p>the accounting includes the name of the individual or organization to whom the disclosure was made;</p>
+              <link rel="depends-on" href="#pm-21_smt.a.2"/>
             </part>
             <part id="pm-21_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-21a.02[02]"/>
-              <link rel="depends-on" href="#pm-21_smt.a.2"/>
               <p>the accounting includes the address or other contact information of the individual or organization to whom the disclosure was made;</p>
+              <link rel="depends-on" href="#pm-21_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pm-21_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#pm-21_smt.a"/>
         </part>
         <part id="pm-21_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-21b."/>
-          <link rel="depends-on" href="#pm-21_smt.b"/>
           <p>the accounting of disclosures is retained for the length of time that the personally identifiable information is maintained or five years after the disclosure is made, whichever is longer;</p>
+          <link rel="depends-on" href="#pm-21_smt.b"/>
         </part>
         <part id="pm-21_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-21c."/>
-          <link rel="depends-on" href="#pm-21_smt.c"/>
           <p>the accounting of disclosures is made available to the individual to whom the personally identifiable information relates upon request.</p>
+          <link rel="depends-on" href="#pm-21_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-21_smt"/>
       </part>
       <part id="pm-21_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48255,103 +48255,103 @@
       </part>
       <part id="pm-22_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-22"/>
-        <link rel="depends-on" href="#pm-22_smt"/>
         <part id="pm-22_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-22[01]"/>
-          <link rel="depends-on" href="#pm-22_smt"/>
           <p>organization-wide policies for personally identifiable information quality management are developed and documented;</p>
+          <link rel="depends-on" href="#pm-22_smt"/>
         </part>
         <part id="pm-22_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-22[02]"/>
-          <link rel="depends-on" href="#pm-22_smt"/>
           <p>organization-wide procedures for personally identifiable information quality management are developed and documented;</p>
+          <link rel="depends-on" href="#pm-22_smt"/>
         </part>
         <part id="pm-22_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-22a."/>
-          <link rel="depends-on" href="#pm-22_smt.a"/>
           <part id="pm-22_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[01]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the policies address reviewing the accuracy of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
           <part id="pm-22_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[02]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the policies address reviewing the relevance of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
           <part id="pm-22_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[03]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the policies address reviewing the timeliness of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
           <part id="pm-22_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[04]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the policies address reviewing the completeness of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
           <part id="pm-22_obj.a-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[05]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the procedures address reviewing the accuracy of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
           <part id="pm-22_obj.a-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[06]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the procedures address reviewing the relevance of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
           <part id="pm-22_obj.a-7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[07]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the procedures address reviewing the timeliness of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
           <part id="pm-22_obj.a-8" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22a.[08]"/>
-            <link rel="depends-on" href="#pm-22_smt.a"/>
             <p>the procedures address reviewing the completeness of personally identifiable information across the information life cycle;</p>
+            <link rel="depends-on" href="#pm-22_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-22_smt.a"/>
         </part>
         <part id="pm-22_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-22b."/>
-          <link rel="depends-on" href="#pm-22_smt.b"/>
           <part id="pm-22_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22b.[01]"/>
-            <link rel="depends-on" href="#pm-22_smt.b"/>
             <p>the policies address correcting or deleting inaccurate or outdated personally identifiable information;</p>
+            <link rel="depends-on" href="#pm-22_smt.b"/>
           </part>
           <part id="pm-22_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22b.[02]"/>
-            <link rel="depends-on" href="#pm-22_smt.b"/>
             <p>the procedures address correcting or deleting inaccurate or outdated personally identifiable information;</p>
+            <link rel="depends-on" href="#pm-22_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-22_smt.b"/>
         </part>
         <part id="pm-22_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-22c."/>
-          <link rel="depends-on" href="#pm-22_smt.c"/>
           <part id="pm-22_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22c.[01]"/>
-            <link rel="depends-on" href="#pm-22_smt.c"/>
             <p>the policies address disseminating notice of corrected or deleted personally identifiable information to individuals or other appropriate entities;</p>
+            <link rel="depends-on" href="#pm-22_smt.c"/>
           </part>
           <part id="pm-22_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22c.[02]"/>
-            <link rel="depends-on" href="#pm-22_smt.c"/>
             <p>the procedures address disseminating notice of corrected or deleted personally identifiable information to individuals or other appropriate entities;</p>
+            <link rel="depends-on" href="#pm-22_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pm-22_smt.c"/>
         </part>
         <part id="pm-22_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-22d."/>
-          <link rel="depends-on" href="#pm-22_smt.d"/>
           <part id="pm-22_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22d.[01]"/>
-            <link rel="depends-on" href="#pm-22_smt.d"/>
             <p>the policies address appeals of adverse decisions on correction or deletion requests;</p>
+            <link rel="depends-on" href="#pm-22_smt.d"/>
           </part>
           <part id="pm-22_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-22d.[02]"/>
-            <link rel="depends-on" href="#pm-22_smt.d"/>
             <p>the procedures address appeals of adverse decisions on correction or deletion requests.</p>
+            <link rel="depends-on" href="#pm-22_smt.d"/>
           </part>
+          <link rel="depends-on" href="#pm-22_smt.d"/>
         </part>
+        <link rel="depends-on" href="#pm-22_smt"/>
       </part>
       <part id="pm-22_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48423,8 +48423,8 @@
       </part>
       <part id="pm-23_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-23"/>
-        <link rel="depends-on" href="#pm-23_smt"/>
         <p>a Data Governance Body consisting of <insert type="param" id-ref="pm-23_odp.01"/> with <insert type="param" id-ref="pm-23_odp.02"/> is established.</p>
+        <link rel="depends-on" href="#pm-23_smt"/>
       </part>
       <part id="pm-23_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48476,18 +48476,18 @@
       </part>
       <part id="pm-24_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-24"/>
-        <link rel="depends-on" href="#pm-24_smt"/>
         <p>a Data Integrity Board is established;</p>
         <part id="pm-24_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-24a."/>
-          <link rel="depends-on" href="#pm-24_smt.a"/>
           <p>the Data Integrity Board reviews proposals to conduct or participate in a matching program;</p>
+          <link rel="depends-on" href="#pm-24_smt.a"/>
         </part>
         <part id="pm-24_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-24b."/>
-          <link rel="depends-on" href="#pm-24_smt.b"/>
           <p>the Data Integrity Board conducts an annual review of all matching programs in which the agency has participated.</p>
+          <link rel="depends-on" href="#pm-24_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pm-24_smt"/>
       </part>
       <part id="pm-24_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48580,133 +48580,133 @@
       </part>
       <part id="pm-25_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-25"/>
-        <link rel="depends-on" href="#pm-25_smt"/>
         <part id="pm-25_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-25a."/>
-          <link rel="depends-on" href="#pm-25_smt.a"/>
           <part id="pm-25_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[01]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>policies that address the use of personally identifiable information for internal testing are developed and documented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[02]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>policies that address the use of personally identifiable information for internal training are developed and documented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[03]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>policies that address the use of personally identifiable information for internal research are developed and documented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[04]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>procedures that address the use of personally identifiable information for internal testing are developed and documented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[05]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>procedures that address the use of personally identifiable information for internal training are developed and documented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[06]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>procedures that address the use of personally identifiable information for internal research are developed and documented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[07]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>policies that address the use of personally identifiable information for internal testing, are implemented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-8" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[08]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>policies that address the use of personally identifiable information for training are implemented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-9" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[09]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>policies that address the use of personally identifiable information for research are implemented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-10" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[10]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>procedures that address the use of personally identifiable information for internal testing are implemented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-11" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[11]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>procedures that address the use of personally identifiable information for training are implemented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
           <part id="pm-25_obj.a-12" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25a.[12]"/>
-            <link rel="depends-on" href="#pm-25_smt.a"/>
             <p>procedures that address the use of personally identifiable information for research are implemented;</p>
+            <link rel="depends-on" href="#pm-25_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-25_smt.a"/>
         </part>
         <part id="pm-25_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-25b."/>
-          <link rel="depends-on" href="#pm-25_smt.b"/>
           <part id="pm-25_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25b.[01]"/>
-            <link rel="depends-on" href="#pm-25_smt.b"/>
             <p>the amount of personally identifiable information used for internal testing purposes is limited or minimized;</p>
+            <link rel="depends-on" href="#pm-25_smt.b"/>
           </part>
           <part id="pm-25_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25b.[02]"/>
-            <link rel="depends-on" href="#pm-25_smt.b"/>
             <p>the amount of personally identifiable information used for internal training purposes is limited or minimized;</p>
+            <link rel="depends-on" href="#pm-25_smt.b"/>
           </part>
           <part id="pm-25_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25b.[03]"/>
-            <link rel="depends-on" href="#pm-25_smt.b"/>
             <p>the amount of personally identifiable information used for internal research purposes is limited or minimized;</p>
+            <link rel="depends-on" href="#pm-25_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-25_smt.b"/>
         </part>
         <part id="pm-25_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-25c."/>
-          <link rel="depends-on" href="#pm-25_smt.c"/>
           <part id="pm-25_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25c.[01]"/>
-            <link rel="depends-on" href="#pm-25_smt.c"/>
             <p>the required use of personally identifiable information for internal testing is authorized;</p>
+            <link rel="depends-on" href="#pm-25_smt.c"/>
           </part>
           <part id="pm-25_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25c.[02]"/>
-            <link rel="depends-on" href="#pm-25_smt.c"/>
             <p>the required use of personally identifiable information for internal training is authorized;</p>
+            <link rel="depends-on" href="#pm-25_smt.c"/>
           </part>
           <part id="pm-25_obj.c-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25c.[03]"/>
-            <link rel="depends-on" href="#pm-25_smt.c"/>
             <p>the required use of personally identifiable information for internal research is authorized;</p>
+            <link rel="depends-on" href="#pm-25_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pm-25_smt.c"/>
         </part>
         <part id="pm-25_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-25d."/>
-          <link rel="depends-on" href="#pm-25_smt.d"/>
           <part id="pm-25_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25d.[01]"/>
-            <link rel="depends-on" href="#pm-25_smt.d"/>
             <p>policies are reviewed <insert type="param" id-ref="pm-25_odp.01"/>;</p>
+            <link rel="depends-on" href="#pm-25_smt.d"/>
           </part>
           <part id="pm-25_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25d.[02]"/>
-            <link rel="depends-on" href="#pm-25_smt.d"/>
             <p>policies are updated <insert type="param" id-ref="pm-25_odp.02"/>;</p>
+            <link rel="depends-on" href="#pm-25_smt.d"/>
           </part>
           <part id="pm-25_obj.d-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25d.[03]"/>
-            <link rel="depends-on" href="#pm-25_smt.d"/>
             <p>procedures are reviewed <insert type="param" id-ref="pm-25_odp.03"/>;</p>
+            <link rel="depends-on" href="#pm-25_smt.d"/>
           </part>
           <part id="pm-25_obj.d-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-25d.[04]"/>
-            <link rel="depends-on" href="#pm-25_smt.d"/>
             <p>procedures are updated <insert type="param" id-ref="pm-25_odp.04"/>.</p>
+            <link rel="depends-on" href="#pm-25_smt.d"/>
           </part>
+          <link rel="depends-on" href="#pm-25_smt.d"/>
         </part>
+        <link rel="depends-on" href="#pm-25_smt"/>
       </part>
       <part id="pm-25_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48813,60 +48813,60 @@
       </part>
       <part id="pm-26_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-26"/>
-        <link rel="depends-on" href="#pm-26_smt"/>
         <part id="pm-26_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-26[01]"/>
-          <link rel="depends-on" href="#pm-26_smt"/>
           <p>a process for receiving complaints, concerns, or questions from individuals about organizational security and privacy practices is implemented;</p>
+          <link rel="depends-on" href="#pm-26_smt"/>
         </part>
         <part id="pm-26_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-26[02]"/>
-          <link rel="depends-on" href="#pm-26_smt"/>
           <p>a process for responding to complaints, concerns, or questions from individuals about organizational security and privacy practices is implemented;</p>
+          <link rel="depends-on" href="#pm-26_smt"/>
         </part>
         <part id="pm-26_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-26a."/>
-          <link rel="depends-on" href="#pm-26_smt.a"/>
           <part id="pm-26_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-26a.[01]"/>
-            <link rel="depends-on" href="#pm-26_smt.a"/>
             <p>the complaint management process includes mechanisms that are easy to use by the public;</p>
+            <link rel="depends-on" href="#pm-26_smt.a"/>
           </part>
           <part id="pm-26_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-26a.[02]"/>
-            <link rel="depends-on" href="#pm-26_smt.a"/>
             <p>the complaint management process includes mechanisms that are readily accessible by the public;</p>
+            <link rel="depends-on" href="#pm-26_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-26_smt.a"/>
         </part>
         <part id="pm-26_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-26b."/>
-          <link rel="depends-on" href="#pm-26_smt.b"/>
           <p>the complaint management process includes all information necessary for successfully filing complaints;</p>
+          <link rel="depends-on" href="#pm-26_smt.b"/>
         </part>
         <part id="pm-26_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-26c."/>
-          <link rel="depends-on" href="#pm-26_smt.c"/>
           <part id="pm-26_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-26c.[01]"/>
-            <link rel="depends-on" href="#pm-26_smt.c"/>
             <p>the complaint management process includes tracking mechanisms to ensure that all complaints are reviewed within <insert type="param" id-ref="pm-26_odp.01"/>;</p>
+            <link rel="depends-on" href="#pm-26_smt.c"/>
           </part>
           <part id="pm-26_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-26c.[02]"/>
-            <link rel="depends-on" href="#pm-26_smt.c"/>
             <p>the complaint management process includes tracking mechanisms to ensure that all complaints are addressed within <insert type="param" id-ref="pm-26_odp.02"/>;</p>
+            <link rel="depends-on" href="#pm-26_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pm-26_smt.c"/>
         </part>
         <part id="pm-26_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-26d."/>
-          <link rel="depends-on" href="#pm-26_smt.d"/>
           <p>the complaint management process includes acknowledging the receipt of complaints, concerns, or questions from individuals within <insert type="param" id-ref="pm-26_odp.03"/>;</p>
+          <link rel="depends-on" href="#pm-26_smt.d"/>
         </part>
         <part id="pm-26_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-26e."/>
-          <link rel="depends-on" href="#pm-26_smt.e"/>
           <p>the complaint management process includes responding to complaints, concerns, or questions from individuals within <insert type="param" id-ref="pm-26_odp.04"/>.</p>
+          <link rel="depends-on" href="#pm-26_smt.e"/>
         </part>
+        <link rel="depends-on" href="#pm-26_smt"/>
       </part>
       <part id="pm-26_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -48963,36 +48963,36 @@
       </part>
       <part id="pm-27_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-27"/>
-        <link rel="depends-on" href="#pm-27_smt"/>
         <part id="pm-27_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-27a."/>
-          <link rel="depends-on" href="#pm-27_smt.a"/>
           <p><insert type="param" id-ref="pm-27_odp.01"/> are developed;</p>
           <part id="pm-27_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-27a.01"/>
-            <link rel="depends-on" href="#pm-27_smt.a.1"/>
             <p>the privacy reports are disseminated to <insert type="param" id-ref="pm-27_odp.02"/> to demonstrate accountability with statutory, regulatory, and policy privacy mandates;</p>
+            <link rel="depends-on" href="#pm-27_smt.a.1"/>
           </part>
           <part id="pm-27_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-27a.02"/>
-            <link rel="depends-on" href="#pm-27_smt.a.2"/>
             <part id="pm-27_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-27a.02[01]"/>
-              <link rel="depends-on" href="#pm-27_smt.a.2"/>
               <p>the privacy reports are disseminated to <insert type="param" id-ref="pm-27_odp.03"/>;</p>
+              <link rel="depends-on" href="#pm-27_smt.a.2"/>
             </part>
             <part id="pm-27_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-27a.02[02]"/>
-              <link rel="depends-on" href="#pm-27_smt.a.2"/>
               <p>the privacy reports are disseminated to other personnel responsible for monitoring privacy program compliance;</p>
+              <link rel="depends-on" href="#pm-27_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pm-27_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#pm-27_smt.a"/>
         </part>
         <part id="pm-27_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-27b."/>
-          <link rel="depends-on" href="#pm-27_smt.b"/>
           <p>the privacy reports are reviewed and updated <insert type="param" id-ref="pm-27_odp.04"/>.</p>
+          <link rel="depends-on" href="#pm-27_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pm-27_smt"/>
       </part>
       <part id="pm-27_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -49081,78 +49081,78 @@
       </part>
       <part id="pm-28_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-28"/>
-        <link rel="depends-on" href="#pm-28_smt"/>
         <part id="pm-28_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-28a."/>
-          <link rel="depends-on" href="#pm-28_smt.a"/>
           <part id="pm-28_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-28a.01"/>
-            <link rel="depends-on" href="#pm-28_smt.a.1"/>
             <part id="pm-28_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.01[01]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.1"/>
               <p>assumptions affecting risk assessments are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.1"/>
             </part>
             <part id="pm-28_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.01[02]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.1"/>
               <p>assumptions affecting risk responses are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.1"/>
             </part>
             <part id="pm-28_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.01[03]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.1"/>
               <p>assumptions affecting risk monitoring are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#pm-28_smt.a.1"/>
           </part>
           <part id="pm-28_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-28a.02"/>
-            <link rel="depends-on" href="#pm-28_smt.a.2"/>
             <part id="pm-28_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.02[01]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.2"/>
               <p>constraints affecting risk assessments are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.2"/>
             </part>
             <part id="pm-28_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.02[02]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.2"/>
               <p>constraints affecting risk responses are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.2"/>
             </part>
             <part id="pm-28_obj.a.2-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.02[03]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.2"/>
               <p>constraints affecting risk monitoring are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#pm-28_smt.a.2"/>
           </part>
           <part id="pm-28_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-28a.03"/>
-            <link rel="depends-on" href="#pm-28_smt.a.3"/>
             <part id="pm-28_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.03[01]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.3"/>
               <p>priorities considered by the organization for managing risk are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.3"/>
             </part>
             <part id="pm-28_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PM-28a.03[02]"/>
-              <link rel="depends-on" href="#pm-28_smt.a.3"/>
               <p>trade-offs considered by the organization for managing risk are identified and documented;</p>
+              <link rel="depends-on" href="#pm-28_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#pm-28_smt.a.3"/>
           </part>
           <part id="pm-28_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-28a.04"/>
-            <link rel="depends-on" href="#pm-28_smt.a.4"/>
             <p>organizational risk tolerance is identified and documented;</p>
+            <link rel="depends-on" href="#pm-28_smt.a.4"/>
           </part>
+          <link rel="depends-on" href="#pm-28_smt.a"/>
         </part>
         <part id="pm-28_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-28b."/>
-          <link rel="depends-on" href="#pm-28_smt.b"/>
           <p>the results of risk framing activities are distributed to <insert type="param" id-ref="pm-28_odp.01"/>;</p>
+          <link rel="depends-on" href="#pm-28_smt.b"/>
         </part>
         <part id="pm-28_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-28c."/>
-          <link rel="depends-on" href="#pm-28_smt.c"/>
           <p>risk framing considerations are reviewed and updated <insert type="param" id-ref="pm-28_odp.02"/>.</p>
+          <link rel="depends-on" href="#pm-28_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-28_smt"/>
       </part>
       <part id="pm-28_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -49212,40 +49212,40 @@
       </part>
       <part id="pm-29_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-29"/>
-        <link rel="depends-on" href="#pm-29_smt"/>
         <part id="pm-29_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-29a."/>
-          <link rel="depends-on" href="#pm-29_smt.a"/>
           <part id="pm-29_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-29a.[01]"/>
-            <link rel="depends-on" href="#pm-29_smt.a"/>
             <p>a Senior Accountable Official for Risk Management is appointed;</p>
+            <link rel="depends-on" href="#pm-29_smt.a"/>
           </part>
           <part id="pm-29_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-29a.[02]"/>
-            <link rel="depends-on" href="#pm-29_smt.a"/>
             <p>a Senior Accountable Official for Risk Management aligns information security and privacy management processes with strategic, operational, and budgetary planning processes;</p>
+            <link rel="depends-on" href="#pm-29_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-29_smt.a"/>
         </part>
         <part id="pm-29_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-29b."/>
-          <link rel="depends-on" href="#pm-29_smt.b"/>
           <part id="pm-29_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-29b.[01]"/>
-            <link rel="depends-on" href="#pm-29_smt.b"/>
             <p>a Risk Executive (function) is established;</p>
+            <link rel="depends-on" href="#pm-29_smt.b"/>
           </part>
           <part id="pm-29_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-29b.[02]"/>
-            <link rel="depends-on" href="#pm-29_smt.b"/>
             <p>a Risk Executive (function) views and analyzes risk from an organization-wide perspective;</p>
+            <link rel="depends-on" href="#pm-29_smt.b"/>
           </part>
           <part id="pm-29_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-29b.[03]"/>
-            <link rel="depends-on" href="#pm-29_smt.b"/>
             <p>a Risk Executive (function) ensures that the management of risk is consistent across the organization.</p>
+            <link rel="depends-on" href="#pm-29_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-29_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pm-29_smt"/>
       </part>
       <part id="pm-29_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -49329,86 +49329,86 @@
       </part>
       <part id="pm-30_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-30"/>
-        <link rel="depends-on" href="#pm-30_smt"/>
         <part id="pm-30_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-30a."/>
-          <link rel="depends-on" href="#pm-30_smt.a"/>
           <part id="pm-30_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[01]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>an organization-wide strategy for managing supply chain risks is developed;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[02]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the development of systems;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[03]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the development of system components;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[04]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the development of system services;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[05]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the acquisition of systems;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[06]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the acquisition of system components;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[07]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the acquisition of system services;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-8" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[08]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the maintenance of systems;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-9" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[09]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the maintenance of system components;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-10" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[10]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the maintenance of system services;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-11" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[11]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the disposal of systems;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-12" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[12]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the disposal of system components;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
           <part id="pm-30_obj.a-13" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30a.[13]"/>
-            <link rel="depends-on" href="#pm-30_smt.a"/>
             <p>the supply chain risk management strategy addresses risks associated with the disposal of system services;</p>
+            <link rel="depends-on" href="#pm-30_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pm-30_smt.a"/>
         </part>
         <part id="pm-30_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-30b."/>
-          <link rel="depends-on" href="#pm-30_smt.b"/>
           <p>the supply chain risk management strategy is implemented consistently across the organization;</p>
+          <link rel="depends-on" href="#pm-30_smt.b"/>
         </part>
         <part id="pm-30_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-30c."/>
-          <link rel="depends-on" href="#pm-30_smt.c"/>
           <p>the supply chain risk management strategy is reviewed and updated <insert type="param" id-ref="pm-30_odp"/> or as required to address organizational changes.</p>
+          <link rel="depends-on" href="#pm-30_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pm-30_smt"/>
       </part>
       <part id="pm-30_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -49448,22 +49448,22 @@
         </part>
         <part id="pm-30.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-30(01)"/>
-          <link rel="depends-on" href="#pm-30.1_smt"/>
           <part id="pm-30.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30(01)[01]"/>
-            <link rel="depends-on" href="#pm-30.1_smt"/>
             <p>suppliers of critical or mission-essential technologies, products, and services are identified;</p>
+            <link rel="depends-on" href="#pm-30.1_smt"/>
           </part>
           <part id="pm-30.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30(01)[02]"/>
-            <link rel="depends-on" href="#pm-30.1_smt"/>
             <p>suppliers of critical or mission-essential technologies, products, and services are prioritized;</p>
+            <link rel="depends-on" href="#pm-30.1_smt"/>
           </part>
           <part id="pm-30.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-30(01)[03]"/>
-            <link rel="depends-on" href="#pm-30.1_smt"/>
             <p>suppliers of critical or mission-essential technologies, products, and services are assessed.</p>
+            <link rel="depends-on" href="#pm-30.1_smt"/>
           </part>
+          <link rel="depends-on" href="#pm-30.1_smt"/>
         </part>
         <part id="pm-30.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -49655,74 +49655,74 @@
       </part>
       <part id="pm-31_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-31"/>
-        <link rel="depends-on" href="#pm-31_smt"/>
         <p>an organization-wide continuous monitoring strategy is developed;</p>
         <part id="pm-31_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-31a."/>
-          <link rel="depends-on" href="#pm-31_smt.a"/>
           <p>continuous monitoring programs are implemented that include establishing <insert type="param" id-ref="pm-31_odp.01"/> to be monitored;</p>
+          <link rel="depends-on" href="#pm-31_smt.a"/>
         </part>
         <part id="pm-31_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-31b."/>
-          <link rel="depends-on" href="#pm-31_smt.b"/>
           <part id="pm-31_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31b.[01]"/>
-            <link rel="depends-on" href="#pm-31_smt.b"/>
             <p>continuous monitoring programs are implemented that establish <insert type="param" id-ref="pm-31_odp.02"/> for monitoring;</p>
+            <link rel="depends-on" href="#pm-31_smt.b"/>
           </part>
           <part id="pm-31_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31b.[02]"/>
-            <link rel="depends-on" href="#pm-31_smt.b"/>
             <p>continuous monitoring programs are implemented that establish <insert type="param" id-ref="pm-31_odp.03"/> for assessment of control effectiveness;</p>
+            <link rel="depends-on" href="#pm-31_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pm-31_smt.b"/>
         </part>
         <part id="pm-31_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-31c."/>
-          <link rel="depends-on" href="#pm-31_smt.c"/>
           <p>continuous monitoring programs are implemented that include monitoring <insert type="param" id-ref="pm-31_odp.01"/> on an ongoing basis in accordance with the continuous monitoring strategy;</p>
+          <link rel="depends-on" href="#pm-31_smt.c"/>
         </part>
         <part id="pm-31_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-31d."/>
-          <link rel="depends-on" href="#pm-31_smt.d"/>
           <part id="pm-31_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31d.[01]"/>
-            <link rel="depends-on" href="#pm-31_smt.d"/>
             <p>continuous monitoring programs are implemented that include correlating information generated by control assessments and monitoring;</p>
+            <link rel="depends-on" href="#pm-31_smt.d"/>
           </part>
           <part id="pm-31_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31d.[02]"/>
-            <link rel="depends-on" href="#pm-31_smt.d"/>
             <p>continuous monitoring programs are implemented that include analyzing information generated by control assessments and monitoring;</p>
+            <link rel="depends-on" href="#pm-31_smt.d"/>
           </part>
+          <link rel="depends-on" href="#pm-31_smt.d"/>
         </part>
         <part id="pm-31_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-31e."/>
-          <link rel="depends-on" href="#pm-31_smt.e"/>
           <part id="pm-31_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31e.[01]"/>
-            <link rel="depends-on" href="#pm-31_smt.e"/>
             <p>continuous monitoring programs are implemented that include response actions to address the analysis of control assessment information;</p>
+            <link rel="depends-on" href="#pm-31_smt.e"/>
           </part>
           <part id="pm-31_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31e.[02]"/>
-            <link rel="depends-on" href="#pm-31_smt.e"/>
             <p>continuous monitoring programs are implemented that include response actions to address the analysis of monitoring information;</p>
+            <link rel="depends-on" href="#pm-31_smt.e"/>
           </part>
+          <link rel="depends-on" href="#pm-31_smt.e"/>
         </part>
         <part id="pm-31_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PM-31f."/>
-          <link rel="depends-on" href="#pm-31_smt.f"/>
           <part id="pm-31_obj.f-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31f.[01]"/>
-            <link rel="depends-on" href="#pm-31_smt.f"/>
             <p>continuous monitoring programs are implemented that include reporting the security status of organizational systems to <insert type="param" id-ref="pm-31_odp.04"/> <insert type="param" id-ref="pm-31_odp.06"/>;</p>
+            <link rel="depends-on" href="#pm-31_smt.f"/>
           </part>
           <part id="pm-31_obj.f-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PM-31f.[02]"/>
-            <link rel="depends-on" href="#pm-31_smt.f"/>
             <p>continuous monitoring programs are implemented that include reporting the privacy status of organizational systems to <insert type="param" id-ref="pm-31_odp.05"/> <insert type="param" id-ref="pm-31_odp.07"/>.</p>
+            <link rel="depends-on" href="#pm-31_smt.f"/>
           </part>
+          <link rel="depends-on" href="#pm-31_smt.f"/>
         </part>
+        <link rel="depends-on" href="#pm-31_smt"/>
       </part>
       <part id="pm-31_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -49793,8 +49793,8 @@
       </part>
       <part id="pm-32_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PM-32"/>
-        <link rel="depends-on" href="#pm-32_smt"/>
         <p><insert type="param" id-ref="pm-32_odp"/> supporting mission-essential services or functions are analyzed to ensure that the information resources are being used in a manner that is consistent with their intended purpose.</p>
+        <link rel="depends-on" href="#pm-32_smt"/>
       </part>
       <part id="pm-32_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -49944,116 +49944,116 @@
       </part>
       <part id="ps-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-01"/>
-        <link rel="depends-on" href="#ps-1_smt"/>
         <part id="ps-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-01a."/>
-          <link rel="depends-on" href="#ps-1_smt.a"/>
           <part id="ps-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-01a.[01]"/>
-            <link rel="depends-on" href="#ps-1_smt.a"/>
             <p>a personnel security policy is developed and documented;</p>
+            <link rel="depends-on" href="#ps-1_smt.a"/>
           </part>
           <part id="ps-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-01a.[02]"/>
-            <link rel="depends-on" href="#ps-1_smt.a"/>
             <p>the personnel security policy is disseminated to <insert type="param" id-ref="ps-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ps-1_smt.a"/>
           </part>
           <part id="ps-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-01a.[03]"/>
-            <link rel="depends-on" href="#ps-1_smt.a"/>
             <p>personnel security procedures to facilitate the implementation of the personnel security policy and associated personnel security controls are developed and documented;</p>
+            <link rel="depends-on" href="#ps-1_smt.a"/>
           </part>
           <part id="ps-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-01a.[04]"/>
-            <link rel="depends-on" href="#ps-1_smt.a"/>
             <p>the personnel security procedures are disseminated to <insert type="param" id-ref="ps-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ps-1_smt.a"/>
           </part>
           <part id="ps-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-01a.01"/>
-            <link rel="depends-on" href="#ps-1_smt.a.1"/>
             <part id="ps-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PS-01a.01(a)"/>
-              <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               <part id="ps-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PS-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy addresses purpose;</p>
+                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               </part>
               <part id="ps-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PS-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy addresses scope;</p>
+                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               </part>
               <part id="ps-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PS-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy addresses roles;</p>
+                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               </part>
               <part id="ps-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PS-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               </part>
               <part id="ps-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PS-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy addresses management commitment;</p>
+                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               </part>
               <part id="ps-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PS-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               </part>
               <part id="ps-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PS-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy addresses compliance;</p>
+                <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#ps-1_smt.a.1.a"/>
             </part>
             <part id="ps-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PS-01a.01(b)"/>
-              <link rel="depends-on" href="#ps-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="ps-01_odp.03"/> personnel security policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#ps-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#ps-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#ps-1_smt.a"/>
         </part>
         <part id="ps-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-01b."/>
-          <link rel="depends-on" href="#ps-1_smt.b"/>
           <p>the <insert type="param" id-ref="ps-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the personnel security policy and procedures;</p>
+          <link rel="depends-on" href="#ps-1_smt.b"/>
         </part>
         <part id="ps-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-01c."/>
-          <link rel="depends-on" href="#ps-1_smt.c"/>
           <part id="ps-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-01c.01"/>
-            <link rel="depends-on" href="#ps-1_smt.c.1"/>
             <part id="ps-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PS-01c.01[01]"/>
-              <link rel="depends-on" href="#ps-1_smt.c.1"/>
               <p>the current personnel security policy is reviewed and updated <insert type="param" id-ref="ps-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#ps-1_smt.c.1"/>
             </part>
             <part id="ps-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PS-01c.01[02]"/>
-              <link rel="depends-on" href="#ps-1_smt.c.1"/>
               <p>the current personnel security policy is reviewed and updated following <insert type="param" id-ref="ps-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#ps-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#ps-1_smt.c.1"/>
           </part>
           <part id="ps-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-01c.02"/>
-            <link rel="depends-on" href="#ps-1_smt.c.2"/>
             <part id="ps-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PS-01c.02[01]"/>
-              <link rel="depends-on" href="#ps-1_smt.c.2"/>
               <p>the current personnel security procedures are reviewed and updated <insert type="param" id-ref="ps-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#ps-1_smt.c.2"/>
             </part>
             <part id="ps-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PS-01c.02[02]"/>
-              <link rel="depends-on" href="#ps-1_smt.c.2"/>
               <p>the current personnel security procedures are reviewed and updated following <insert type="param" id-ref="ps-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#ps-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#ps-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ps-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ps-1_smt"/>
       </part>
       <part id="ps-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50122,22 +50122,22 @@
       </part>
       <part id="ps-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-02"/>
-        <link rel="depends-on" href="#ps-2_smt"/>
         <part id="ps-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-02a."/>
-          <link rel="depends-on" href="#ps-2_smt.a"/>
           <p>a risk designation is assigned to all organizational positions;</p>
+          <link rel="depends-on" href="#ps-2_smt.a"/>
         </part>
         <part id="ps-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-02b."/>
-          <link rel="depends-on" href="#ps-2_smt.b"/>
           <p>screening criteria are established for individuals filling organizational positions;</p>
+          <link rel="depends-on" href="#ps-2_smt.b"/>
         </part>
         <part id="ps-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-02c."/>
-          <link rel="depends-on" href="#ps-2_smt.c"/>
           <p>position risk designations are reviewed and updated <insert type="param" id-ref="ps-02_odp"/>.</p>
+          <link rel="depends-on" href="#ps-2_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ps-2_smt"/>
       </part>
       <part id="ps-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50227,26 +50227,26 @@
       </part>
       <part id="ps-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-03"/>
-        <link rel="depends-on" href="#ps-3_smt"/>
         <part id="ps-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-03a."/>
-          <link rel="depends-on" href="#ps-3_smt.a"/>
           <p>individuals are screened prior to authorizing access to the system;</p>
+          <link rel="depends-on" href="#ps-3_smt.a"/>
         </part>
         <part id="ps-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-03b."/>
-          <link rel="depends-on" href="#ps-3_smt.b"/>
           <part id="ps-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-03b.[01]"/>
-            <link rel="depends-on" href="#ps-3_smt.b"/>
             <p>individuals are rescreened in accordance with <insert type="param" id-ref="ps-03_odp.01"/>;</p>
+            <link rel="depends-on" href="#ps-3_smt.b"/>
           </part>
           <part id="ps-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-03b.[02]"/>
-            <link rel="depends-on" href="#ps-3_smt.b"/>
             <p>where rescreening is so indicated, individuals are rescreened <insert type="param" id-ref="ps-03_odp.02"/>.</p>
+            <link rel="depends-on" href="#ps-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ps-3_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ps-3_smt"/>
       </part>
       <part id="ps-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50291,17 +50291,17 @@
         </part>
         <part id="ps-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-03(01)"/>
-          <link rel="depends-on" href="#ps-3.1_smt"/>
           <part id="ps-3.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-03(01)[01]"/>
-            <link rel="depends-on" href="#ps-3.1_smt"/>
             <p>individuals accessing a system processing, storing, or transmitting classified information are cleared;</p>
+            <link rel="depends-on" href="#ps-3.1_smt"/>
           </part>
           <part id="ps-3.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-03(01)[02]"/>
-            <link rel="depends-on" href="#ps-3.1_smt"/>
             <p>individuals accessing a system processing, storing, or transmitting classified information are indoctrinated to the highest classification level of the information to which they have access on the system.</p>
+            <link rel="depends-on" href="#ps-3.1_smt"/>
           </part>
+          <link rel="depends-on" href="#ps-3.1_smt"/>
         </part>
         <part id="ps-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50347,8 +50347,8 @@
         </part>
         <part id="ps-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-03(02)"/>
-          <link rel="depends-on" href="#ps-3.2_smt"/>
           <p>individuals accessing a system processing, storing, or transmitting types of classified information that require formal indoctrination are formally indoctrinated for all of the relevant types of information to which they have access on the system.</p>
+          <link rel="depends-on" href="#ps-3.2_smt"/>
         </part>
         <part id="ps-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50409,17 +50409,17 @@
         </part>
         <part id="ps-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-03(03)"/>
-          <link rel="depends-on" href="#ps-3.3_smt"/>
           <part id="ps-3.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-03(03)(a)"/>
-            <link rel="depends-on" href="#ps-3.3_smt.a"/>
             <p>individuals accessing a system processing, storing, or transmitting information requiring special protection have valid access authorizations that are demonstrated by assigned official government duties;</p>
+            <link rel="depends-on" href="#ps-3.3_smt.a"/>
           </part>
           <part id="ps-3.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-03(03)(b)"/>
-            <link rel="depends-on" href="#ps-3.3_smt.b"/>
             <p>individuals accessing a system processing, storing, or transmitting information requiring special protection satisfy <insert type="param" id-ref="ps-03.03_odp"/>.</p>
+            <link rel="depends-on" href="#ps-3.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ps-3.3_smt"/>
         </part>
         <part id="ps-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50482,8 +50482,8 @@
         </part>
         <part id="ps-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-03(04)"/>
-          <link rel="depends-on" href="#ps-3.4_smt"/>
           <p>individuals accessing a system processing, storing, or transmitting <insert type="param" id-ref="ps-03.04_odp.01"/> meet <insert type="param" id-ref="ps-03.04_odp.02"/>.</p>
+          <link rel="depends-on" href="#ps-3.4_smt"/>
         </part>
         <part id="ps-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50572,32 +50572,32 @@
       </part>
       <part id="ps-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-04"/>
-        <link rel="depends-on" href="#ps-4_smt"/>
         <part id="ps-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-04a."/>
-          <link rel="depends-on" href="#ps-4_smt.a"/>
           <p>upon termination of individual employment, system access is disabled within <insert type="param" id-ref="ps-04_odp.01"/>;</p>
+          <link rel="depends-on" href="#ps-4_smt.a"/>
         </part>
         <part id="ps-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-04b."/>
-          <link rel="depends-on" href="#ps-4_smt.b"/>
           <p>upon termination of individual employment, any authenticators and credentials are terminated or revoked;</p>
+          <link rel="depends-on" href="#ps-4_smt.b"/>
         </part>
         <part id="ps-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-04c."/>
-          <link rel="depends-on" href="#ps-4_smt.c"/>
           <p>upon termination of individual employment, exit interviews that include a discussion of <insert type="param" id-ref="ps-04_odp.02"/> are conducted;</p>
+          <link rel="depends-on" href="#ps-4_smt.c"/>
         </part>
         <part id="ps-4_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-04d."/>
-          <link rel="depends-on" href="#ps-4_smt.d"/>
           <p>upon termination of individual employment, all security-related organizational system-related property is retrieved;</p>
+          <link rel="depends-on" href="#ps-4_smt.d"/>
         </part>
         <part id="ps-4_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-04e."/>
-          <link rel="depends-on" href="#ps-4_smt.e"/>
           <p>upon termination of individual employment, access to organizational information and systems formerly controlled by the terminated individual are retained.</p>
+          <link rel="depends-on" href="#ps-4_smt.e"/>
         </part>
+        <link rel="depends-on" href="#ps-4_smt"/>
       </part>
       <part id="ps-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50654,17 +50654,17 @@
         </part>
         <part id="ps-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-04(01)"/>
-          <link rel="depends-on" href="#ps-4.1_smt"/>
           <part id="ps-4.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-04(01)(a)"/>
-            <link rel="depends-on" href="#ps-4.1_smt.a"/>
             <p>terminated individuals are notified of applicable, legally binding post-employment requirements for the protection of organizational information;</p>
+            <link rel="depends-on" href="#ps-4.1_smt.a"/>
           </part>
           <part id="ps-4.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-04(01)(b)"/>
-            <link rel="depends-on" href="#ps-4.1_smt.b"/>
             <p>terminated individuals are required to sign an acknowledgement of post-employment requirements as part of the organizational termination process.</p>
+            <link rel="depends-on" href="#ps-4.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ps-4.1_smt"/>
         </part>
         <part id="ps-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50733,8 +50733,8 @@
         </part>
         <part id="ps-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-04(02)"/>
-          <link rel="depends-on" href="#ps-4.2_smt"/>
           <p><insert type="param" id-ref="ps-04.02_odp.01"/> are used to <insert type="param" id-ref="ps-04.02_odp.02"/>.</p>
+          <link rel="depends-on" href="#ps-4.2_smt"/>
         </part>
         <part id="ps-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50835,27 +50835,27 @@
       </part>
       <part id="ps-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-05"/>
-        <link rel="depends-on" href="#ps-5_smt"/>
         <part id="ps-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-05a."/>
-          <link rel="depends-on" href="#ps-5_smt.a"/>
           <p>the ongoing operational need for current logical and physical access authorizations to systems and facilities are reviewed and confirmed when individuals are reassigned or transferred to other positions within the organization;</p>
+          <link rel="depends-on" href="#ps-5_smt.a"/>
         </part>
         <part id="ps-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-05b."/>
-          <link rel="depends-on" href="#ps-5_smt.b"/>
           <p><insert type="param" id-ref="ps-05_odp.01"/> are initiated within <insert type="param" id-ref="ps-05_odp.02"/>;</p>
+          <link rel="depends-on" href="#ps-5_smt.b"/>
         </part>
         <part id="ps-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-05c."/>
-          <link rel="depends-on" href="#ps-5_smt.c"/>
           <p>access authorization is modified as needed to correspond with any changes in operational need due to reassignment or transfer;</p>
+          <link rel="depends-on" href="#ps-5_smt.c"/>
         </part>
         <part id="ps-5_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-05d."/>
-          <link rel="depends-on" href="#ps-5_smt.d"/>
           <p><insert type="param" id-ref="ps-05_odp.03"/> are notified within <insert type="param" id-ref="ps-05_odp.04"/>.</p>
+          <link rel="depends-on" href="#ps-5_smt.d"/>
         </part>
+        <link rel="depends-on" href="#ps-5_smt"/>
       </part>
       <part id="ps-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -50949,31 +50949,31 @@
       </part>
       <part id="ps-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-06"/>
-        <link rel="depends-on" href="#ps-6_smt"/>
         <part id="ps-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-06a."/>
-          <link rel="depends-on" href="#ps-6_smt.a"/>
           <p>access agreements are developed and documented for organizational systems;</p>
+          <link rel="depends-on" href="#ps-6_smt.a"/>
         </part>
         <part id="ps-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-06b."/>
-          <link rel="depends-on" href="#ps-6_smt.b"/>
           <p>the access agreements are reviewed and updated <insert type="param" id-ref="ps-06_odp.01"/>;</p>
+          <link rel="depends-on" href="#ps-6_smt.b"/>
         </part>
         <part id="ps-6_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-06c."/>
-          <link rel="depends-on" href="#ps-6_smt.c"/>
           <part id="ps-6_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-06c.01"/>
-            <link rel="depends-on" href="#ps-6_smt.c.1"/>
             <p>individuals requiring access to organizational information and systems sign appropriate access agreements prior to being granted access;</p>
+            <link rel="depends-on" href="#ps-6_smt.c.1"/>
           </part>
           <part id="ps-6_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-06c.02"/>
-            <link rel="depends-on" href="#ps-6_smt.c.2"/>
             <p>individuals requiring access to organizational information and systems re-sign access agreements to maintain access to organizational systems when access agreements have been updated or <insert type="param" id-ref="ps-06_odp.02"/>.</p>
+            <link rel="depends-on" href="#ps-6_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ps-6_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ps-6_smt"/>
       </part>
       <part id="ps-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51044,22 +51044,22 @@
         </part>
         <part id="ps-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-06(02)"/>
-          <link rel="depends-on" href="#ps-6.2_smt"/>
           <part id="ps-6.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-06(02)(a)"/>
-            <link rel="depends-on" href="#ps-6.2_smt.a"/>
             <p>access to classified information requiring special protection is granted only to individuals who have a valid access authorization that is demonstrated by assigned official government duties;</p>
+            <link rel="depends-on" href="#ps-6.2_smt.a"/>
           </part>
           <part id="ps-6.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-06(02)(b)"/>
-            <link rel="depends-on" href="#ps-6.2_smt.b"/>
             <p>access to classified information requiring special protection is granted only to individuals who satisfy associated personnel security criteria;</p>
+            <link rel="depends-on" href="#ps-6.2_smt.b"/>
           </part>
           <part id="ps-6.2_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-06(02)(c)"/>
-            <link rel="depends-on" href="#ps-6.2_smt.c"/>
             <p>access to classified information requiring special protection is granted only to individuals who have read, understood, and signed a non-disclosure agreement.</p>
+            <link rel="depends-on" href="#ps-6.2_smt.c"/>
           </part>
+          <link rel="depends-on" href="#ps-6.2_smt"/>
         </part>
         <part id="ps-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51116,17 +51116,17 @@
         </part>
         <part id="ps-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-06(03)"/>
-          <link rel="depends-on" href="#ps-6.3_smt"/>
           <part id="ps-6.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-06(03)(a)"/>
-            <link rel="depends-on" href="#ps-6.3_smt.a"/>
             <p>individuals are notified of applicable, legally binding post-employment requirements for the protection of organizational information;</p>
+            <link rel="depends-on" href="#ps-6.3_smt.a"/>
           </part>
           <part id="ps-6.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PS-06(03)(b)"/>
-            <link rel="depends-on" href="#ps-6.3_smt.b"/>
             <p>individuals are required to sign an acknowledgement of applicable, legally binding post-employment requirements as part of being granted initial access to covered information.</p>
+            <link rel="depends-on" href="#ps-6.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ps-6.3_smt"/>
         </part>
         <part id="ps-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51224,32 +51224,32 @@
       </part>
       <part id="ps-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-07"/>
-        <link rel="depends-on" href="#ps-7_smt"/>
         <part id="ps-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-07a."/>
-          <link rel="depends-on" href="#ps-7_smt.a"/>
           <p>personnel security requirements are established, including security roles and responsibilities for external providers;</p>
+          <link rel="depends-on" href="#ps-7_smt.a"/>
         </part>
         <part id="ps-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-07b."/>
-          <link rel="depends-on" href="#ps-7_smt.b"/>
           <p>external providers are required to comply with personnel security policies and procedures established by the organization;</p>
+          <link rel="depends-on" href="#ps-7_smt.b"/>
         </part>
         <part id="ps-7_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-07c."/>
-          <link rel="depends-on" href="#ps-7_smt.c"/>
           <p>personnel security requirements are documented;</p>
+          <link rel="depends-on" href="#ps-7_smt.c"/>
         </part>
         <part id="ps-7_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-07d."/>
-          <link rel="depends-on" href="#ps-7_smt.d"/>
           <p>external providers are required to notify <insert type="param" id-ref="ps-07_odp.01"/> of any personnel transfers or terminations of external personnel who possess organizational credentials and/or badges or who have system privileges within <insert type="param" id-ref="ps-07_odp.02"/>;</p>
+          <link rel="depends-on" href="#ps-7_smt.d"/>
         </part>
         <part id="ps-7_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-07e."/>
-          <link rel="depends-on" href="#ps-7_smt.e"/>
           <p>provider compliance with personnel security requirements is monitored.</p>
+          <link rel="depends-on" href="#ps-7_smt.e"/>
         </part>
+        <link rel="depends-on" href="#ps-7_smt"/>
       </part>
       <part id="ps-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51326,17 +51326,17 @@
       </part>
       <part id="ps-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-08"/>
-        <link rel="depends-on" href="#ps-8_smt"/>
         <part id="ps-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-08a."/>
-          <link rel="depends-on" href="#ps-8_smt.a"/>
           <p>a formal sanctions process is employed for individuals failing to comply with established information security and privacy policies and procedures;</p>
+          <link rel="depends-on" href="#ps-8_smt.a"/>
         </part>
         <part id="ps-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-08b."/>
-          <link rel="depends-on" href="#ps-8_smt.b"/>
           <p><insert type="param" id-ref="ps-08_odp.01"/> is/are notified within <insert type="param" id-ref="ps-08_odp.02"/> when a formal employee sanctions process is initiated, identifying the individual sanctioned and the reason for the sanction.</p>
+          <link rel="depends-on" href="#ps-8_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ps-8_smt"/>
       </part>
       <part id="ps-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51387,17 +51387,17 @@
       </part>
       <part id="ps-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PS-09"/>
-        <link rel="depends-on" href="#ps-9_smt"/>
         <part id="ps-9_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-09[01]"/>
-          <link rel="depends-on" href="#ps-9_smt"/>
           <p>security roles and responsibilities are incorporated into organizational position descriptions;</p>
+          <link rel="depends-on" href="#ps-9_smt"/>
         </part>
         <part id="ps-9_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PS-09[02]"/>
-          <link rel="depends-on" href="#ps-9_smt"/>
           <p>privacy roles and responsibilities are incorporated into organizational position descriptions.</p>
+          <link rel="depends-on" href="#ps-9_smt"/>
         </part>
+        <link rel="depends-on" href="#ps-9_smt"/>
       </part>
       <part id="ps-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51552,116 +51552,116 @@
       </part>
       <part id="pt-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-01"/>
-        <link rel="depends-on" href="#pt-1_smt"/>
         <part id="pt-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-01a."/>
-          <link rel="depends-on" href="#pt-1_smt.a"/>
           <part id="pt-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-01a.[01]"/>
-            <link rel="depends-on" href="#pt-1_smt.a"/>
             <p>a personally identifiable information processing and transparency policy is developed and documented;</p>
+            <link rel="depends-on" href="#pt-1_smt.a"/>
           </part>
           <part id="pt-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-01a.[02]"/>
-            <link rel="depends-on" href="#pt-1_smt.a"/>
             <p>the personally identifiable information processing and transparency policy is disseminated to <insert type="param" id-ref="pt-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#pt-1_smt.a"/>
           </part>
           <part id="pt-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-01a.[03]"/>
-            <link rel="depends-on" href="#pt-1_smt.a"/>
             <p>personally identifiable information processing and transparency procedures to facilitate the implementation of the personally identifiable information processing and transparency policy and associated personally identifiable information processing and transparency controls are developed and documented;</p>
+            <link rel="depends-on" href="#pt-1_smt.a"/>
           </part>
           <part id="pt-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-01a.[04]"/>
-            <link rel="depends-on" href="#pt-1_smt.a"/>
             <p>the personally identifiable information processing and transparency procedures are disseminated to <insert type="param" id-ref="pt-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#pt-1_smt.a"/>
           </part>
           <part id="pt-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-01a.01"/>
-            <link rel="depends-on" href="#pt-1_smt.a.1"/>
             <part id="pt-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-01a.01(a)"/>
-              <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               <part id="pt-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PT-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy addresses purpose;</p>
+                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               </part>
               <part id="pt-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PT-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy addresses scope;</p>
+                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               </part>
               <part id="pt-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PT-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy addresses roles;</p>
+                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               </part>
               <part id="pt-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PT-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               </part>
               <part id="pt-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PT-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy addresses management commitment;</p>
+                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               </part>
               <part id="pt-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PT-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               </part>
               <part id="pt-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="PT-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy addresses compliance;</p>
+                <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#pt-1_smt.a.1.a"/>
             </part>
             <part id="pt-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-01a.01(b)"/>
-              <link rel="depends-on" href="#pt-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="pt-01_odp.03"/> personally identifiable information processing and transparency policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#pt-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#pt-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#pt-1_smt.a"/>
         </part>
         <part id="pt-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-01b."/>
-          <link rel="depends-on" href="#pt-1_smt.b"/>
           <p>the <insert type="param" id-ref="pt-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the personally identifiable information processing and transparency policy and procedures;</p>
+          <link rel="depends-on" href="#pt-1_smt.b"/>
         </part>
         <part id="pt-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-01c."/>
-          <link rel="depends-on" href="#pt-1_smt.c"/>
           <part id="pt-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-01c.01"/>
-            <link rel="depends-on" href="#pt-1_smt.c.1"/>
             <part id="pt-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-01c.01[01]"/>
-              <link rel="depends-on" href="#pt-1_smt.c.1"/>
               <p>the current personally identifiable information processing and transparency policy is reviewed and updated <insert type="param" id-ref="pt-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#pt-1_smt.c.1"/>
             </part>
             <part id="pt-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-01c.01[02]"/>
-              <link rel="depends-on" href="#pt-1_smt.c.1"/>
               <p>the current personally identifiable information processing and transparency policy is reviewed and updated following <insert type="param" id-ref="pt-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#pt-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#pt-1_smt.c.1"/>
           </part>
           <part id="pt-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-01c.02"/>
-            <link rel="depends-on" href="#pt-1_smt.c.2"/>
             <part id="pt-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-01c.02[01]"/>
-              <link rel="depends-on" href="#pt-1_smt.c.2"/>
               <p>the current personally identifiable information processing and transparency procedures are reviewed and updated <insert type="param" id-ref="pt-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#pt-1_smt.c.2"/>
             </part>
             <part id="pt-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-01c.02[02]"/>
-              <link rel="depends-on" href="#pt-1_smt.c.2"/>
               <p>the current personally identifiable information processing and transparency procedures are reviewed and updated following <insert type="param" id-ref="pt-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#pt-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#pt-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#pt-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pt-1_smt"/>
       </part>
       <part id="pt-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51748,17 +51748,17 @@
       </part>
       <part id="pt-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-02"/>
-        <link rel="depends-on" href="#pt-2_smt"/>
         <part id="pt-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-02a."/>
-          <link rel="depends-on" href="#pt-2_smt.a"/>
           <p>the <insert type="param" id-ref="pt-02_odp.01"/> that permits the <insert type="param" id-ref="pt-02_odp.02"/> of personally identifiable information is determined and documented;</p>
+          <link rel="depends-on" href="#pt-2_smt.a"/>
         </part>
         <part id="pt-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-02b."/>
-          <link rel="depends-on" href="#pt-2_smt.b"/>
           <p>the <insert type="param" id-ref="pt-02_odp.03"/> of personally identifiable information is restricted to only that which is authorized.</p>
+          <link rel="depends-on" href="#pt-2_smt.b"/>
         </part>
+        <link rel="depends-on" href="#pt-2_smt"/>
       </part>
       <part id="pt-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51828,8 +51828,8 @@
         </part>
         <part id="pt-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-02(01)"/>
-          <link rel="depends-on" href="#pt-2.1_smt"/>
           <p>data tags containing <insert type="param" id-ref="pt-02.01_odp.01"/> are attached to <insert type="param" id-ref="pt-02.01_odp.02"/>.</p>
+          <link rel="depends-on" href="#pt-2.1_smt"/>
         </part>
         <part id="pt-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -51896,8 +51896,8 @@
         </part>
         <part id="pt-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-02(02)"/>
-          <link rel="depends-on" href="#pt-2.2_smt"/>
           <p>enforcement of the authorized processing of personally identifiable information is managed using <insert type="param" id-ref="pt-02.02_odp"/>.</p>
+          <link rel="depends-on" href="#pt-2.2_smt"/>
         </part>
         <part id="pt-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52007,45 +52007,45 @@
       </part>
       <part id="pt-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-03"/>
-        <link rel="depends-on" href="#pt-3_smt"/>
         <part id="pt-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-03a."/>
-          <link rel="depends-on" href="#pt-3_smt.a"/>
           <p>the <insert type="param" id-ref="pt-03_odp.01"/> for processing personally identifiable information is/are identified and documented;</p>
+          <link rel="depends-on" href="#pt-3_smt.a"/>
         </part>
         <part id="pt-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-03b."/>
-          <link rel="depends-on" href="#pt-3_smt.b"/>
           <part id="pt-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-03b.[01]"/>
-            <link rel="depends-on" href="#pt-3_smt.b"/>
             <p>the purpose(s) is/are described in the public privacy notices of the organization;</p>
+            <link rel="depends-on" href="#pt-3_smt.b"/>
           </part>
           <part id="pt-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-03b.[02]"/>
-            <link rel="depends-on" href="#pt-3_smt.b"/>
             <p>the purpose(s) is/are described in the policies of the organization;</p>
+            <link rel="depends-on" href="#pt-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pt-3_smt.b"/>
         </part>
         <part id="pt-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-03c."/>
-          <link rel="depends-on" href="#pt-3_smt.c"/>
           <p>the <insert type="param" id-ref="pt-03_odp.02"/> of personally identifiable information are restricted to only that which is compatible with the identified purpose(s);</p>
+          <link rel="depends-on" href="#pt-3_smt.c"/>
         </part>
         <part id="pt-3_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-03d."/>
-          <link rel="depends-on" href="#pt-3_smt.d"/>
           <part id="pt-3_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-03d.[01]"/>
-            <link rel="depends-on" href="#pt-3_smt.d"/>
             <p>changes in the processing of personally identifiable information are monitored;</p>
+            <link rel="depends-on" href="#pt-3_smt.d"/>
           </part>
           <part id="pt-3_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-03d.[02]"/>
-            <link rel="depends-on" href="#pt-3_smt.d"/>
             <p><insert type="param" id-ref="pt-03_odp.03"/> are implemented to ensure that any changes are made in accordance with <insert type="param" id-ref="pt-03_odp.04"/>.</p>
+            <link rel="depends-on" href="#pt-3_smt.d"/>
           </part>
+          <link rel="depends-on" href="#pt-3_smt.d"/>
         </part>
+        <link rel="depends-on" href="#pt-3_smt"/>
       </part>
       <part id="pt-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52121,8 +52121,8 @@
         </part>
         <part id="pt-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-03(01)"/>
-          <link rel="depends-on" href="#pt-3.1_smt"/>
           <p>data tags containing <insert type="param" id-ref="pt-03.01_odp.01"/> are attached to <insert type="param" id-ref="pt-03.01_odp.02"/>.</p>
+          <link rel="depends-on" href="#pt-3.1_smt"/>
         </part>
         <part id="pt-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52187,8 +52187,8 @@
         </part>
         <part id="pt-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-03(02)"/>
-          <link rel="depends-on" href="#pt-3.2_smt"/>
           <p>the processing purposes of personally identifiable information are tracked using <insert type="param" id-ref="pt-03.02_odp"/>.</p>
+          <link rel="depends-on" href="#pt-3.2_smt"/>
         </part>
         <part id="pt-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52246,8 +52246,8 @@
       </part>
       <part id="pt-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-04"/>
-        <link rel="depends-on" href="#pt-4_smt"/>
         <p>the <insert type="param" id-ref="pt-04_odp"/> are implemented for individuals to consent to the processing of their personally identifiable information prior to its collection that facilitate individuals’ informed decision-making.</p>
+        <link rel="depends-on" href="#pt-4_smt"/>
       </part>
       <part id="pt-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52303,8 +52303,8 @@
         </part>
         <part id="pt-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-04(01)"/>
-          <link rel="depends-on" href="#pt-4.1_smt"/>
           <p><insert type="param" id-ref="pt-04.01_odp"/> are provided to allow individuals to tailor processing permissions to selected elements of personally identifiable information.</p>
+          <link rel="depends-on" href="#pt-4.1_smt"/>
         </part>
         <part id="pt-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52377,8 +52377,8 @@
         </part>
         <part id="pt-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-04(02)"/>
-          <link rel="depends-on" href="#pt-4.2_smt"/>
           <p><insert type="param" id-ref="pt-04.02_odp.01"/> are presented to individuals <insert type="param" id-ref="pt-04.02_odp.02"/> and in conjunction with <insert type="param" id-ref="pt-04.02_odp.03"/>.</p>
+          <link rel="depends-on" href="#pt-4.2_smt"/>
         </part>
         <part id="pt-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52433,8 +52433,8 @@
         </part>
         <part id="pt-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-04(03)"/>
-          <link rel="depends-on" href="#pt-4.3_smt"/>
           <p>the <insert type="param" id-ref="pt-04.03_odp"/> are implemented for individuals to revoke consent to the processing of their personally identifiable information.</p>
+          <link rel="depends-on" href="#pt-4.3_smt"/>
         </part>
         <part id="pt-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52529,41 +52529,41 @@
       </part>
       <part id="pt-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-05"/>
-        <link rel="depends-on" href="#pt-5_smt"/>
         <part id="pt-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-05a."/>
-          <link rel="depends-on" href="#pt-5_smt.a"/>
           <part id="pt-5_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-05a.[01]"/>
-            <link rel="depends-on" href="#pt-5_smt.a"/>
             <p>a notice to individuals about the processing of personally identifiable information is provided such that the notice is available to individuals upon first interacting with an organization;</p>
+            <link rel="depends-on" href="#pt-5_smt.a"/>
           </part>
           <part id="pt-5_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-05a.[02]"/>
-            <link rel="depends-on" href="#pt-5_smt.a"/>
             <p>a notice to individuals about the processing of personally identifiable information is provided such that the notice is subsequently available to individuals <insert type="param" id-ref="pt-05_odp.01"/>;</p>
+            <link rel="depends-on" href="#pt-5_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pt-5_smt.a"/>
         </part>
         <part id="pt-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-05b."/>
-          <link rel="depends-on" href="#pt-5_smt.b"/>
           <p>a notice to individuals about the processing of personally identifiable information is provided that is clear, easy-to-understand, and expresses information about personally identifiable information processing in plain language;</p>
+          <link rel="depends-on" href="#pt-5_smt.b"/>
         </part>
         <part id="pt-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-05c."/>
-          <link rel="depends-on" href="#pt-5_smt.c"/>
           <p>a notice to individuals about the processing of personally identifiable information that identifies the authority that authorizes the processing of personally identifiable information is provided;</p>
+          <link rel="depends-on" href="#pt-5_smt.c"/>
         </part>
         <part id="pt-5_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-05d."/>
-          <link rel="depends-on" href="#pt-5_smt.d"/>
           <p>a notice to individuals about the processing of personally identifiable information that identifies the purpose for which personally identifiable information is to be processed is provided;</p>
+          <link rel="depends-on" href="#pt-5_smt.d"/>
         </part>
         <part id="pt-5_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-05e."/>
-          <link rel="depends-on" href="#pt-5_smt.e"/>
           <p>a notice to individuals about the processing of personally identifiable information which includes <insert type="param" id-ref="pt-05_odp.02"/> is provided.</p>
+          <link rel="depends-on" href="#pt-5_smt.e"/>
         </part>
+        <link rel="depends-on" href="#pt-5_smt"/>
       </part>
       <part id="pt-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52616,8 +52616,8 @@
         </part>
         <part id="pt-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-05(01)"/>
-          <link rel="depends-on" href="#pt-5.1_smt"/>
           <p>a notice of personally identifiable information processing is presented to individuals at a time and location where the individual provides personally identifiable information, in conjunction with a data action, or <insert type="param" id-ref="pt-05.01_odp"/>.</p>
+          <link rel="depends-on" href="#pt-5.1_smt"/>
         </part>
         <part id="pt-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52663,8 +52663,8 @@
         </part>
         <part id="pt-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-05(02)"/>
-          <link rel="depends-on" href="#pt-5.2_smt"/>
           <p>Privacy Act statements are included on forms that collect information that will be maintained in a Privacy Act system of records, or Privacy Act statements are provided on separate forms that can be retained by individuals.</p>
+          <link rel="depends-on" href="#pt-5.2_smt"/>
         </part>
         <part id="pt-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52728,31 +52728,31 @@
       </part>
       <part id="pt-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-06"/>
-        <link rel="depends-on" href="#pt-6_smt"/>
         <part id="pt-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-06a."/>
-          <link rel="depends-on" href="#pt-6_smt.a"/>
           <part id="pt-6_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-06a.[01]"/>
-            <link rel="depends-on" href="#pt-6_smt.a"/>
             <p>system of records notices are drafted in accordance with OMB guidance for systems that process information that will be maintained in a Privacy Act system of records;</p>
+            <link rel="depends-on" href="#pt-6_smt.a"/>
           </part>
           <part id="pt-6_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-06a.[02]"/>
-            <link rel="depends-on" href="#pt-6_smt.a"/>
             <p>new and significantly modified system of records notices are submitted to the OMB and appropriate congressional committees for advance review for systems that process information that will be maintained in a Privacy Act system of records;</p>
+            <link rel="depends-on" href="#pt-6_smt.a"/>
           </part>
+          <link rel="depends-on" href="#pt-6_smt.a"/>
         </part>
         <part id="pt-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-06b."/>
-          <link rel="depends-on" href="#pt-6_smt.b"/>
           <p>system of records notices are published in the Federal Register for systems that process information that will be maintained in a Privacy Act system of records;</p>
+          <link rel="depends-on" href="#pt-6_smt.b"/>
         </part>
         <part id="pt-6_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-06c."/>
-          <link rel="depends-on" href="#pt-6_smt.c"/>
           <p>system of records notices are kept accurate, up-to-date, and scoped in accordance with policy for systems that process information that will be maintained in a Privacy Act system of records.</p>
+          <link rel="depends-on" href="#pt-6_smt.c"/>
         </part>
+        <link rel="depends-on" href="#pt-6_smt"/>
       </part>
       <part id="pt-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52804,8 +52804,8 @@
         </part>
         <part id="pt-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-06(01)"/>
-          <link rel="depends-on" href="#pt-6.1_smt"/>
           <p>all routine uses published in the system of records notice are reviewed <insert type="param" id-ref="pt-06.01_odp"/> to ensure continued accuracy, and to ensure that routine uses continue to be compatible with the purpose for which the information was collected.</p>
+          <link rel="depends-on" href="#pt-6.1_smt"/>
         </part>
         <part id="pt-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52857,22 +52857,22 @@
         </part>
         <part id="pt-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-06(02)"/>
-          <link rel="depends-on" href="#pt-6.2_smt"/>
           <part id="pt-6.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-06(02)[01]"/>
-            <link rel="depends-on" href="#pt-6.2_smt"/>
             <p>all Privacy Act exemptions claimed for the system of records are reviewed <insert type="param" id-ref="pt-06.02_odp"/> to ensure that they remain appropriate and necessary in accordance with law;</p>
+            <link rel="depends-on" href="#pt-6.2_smt"/>
           </part>
           <part id="pt-6.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-06(02)[02]"/>
-            <link rel="depends-on" href="#pt-6.2_smt"/>
             <p>all Privacy Act exemptions claimed for the system of records are reviewed <insert type="param" id-ref="pt-06.02_odp"/> to ensure that they have been promulgated as regulations;</p>
+            <link rel="depends-on" href="#pt-6.2_smt"/>
           </part>
           <part id="pt-6.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-06(02)[03]"/>
-            <link rel="depends-on" href="#pt-6.2_smt"/>
             <p>all Privacy Act exemptions claimed for the system of records are reviewed <insert type="param" id-ref="pt-06.02_odp"/> to ensure that they are accurately described in the system of records notice.</p>
+            <link rel="depends-on" href="#pt-6.2_smt"/>
           </part>
+          <link rel="depends-on" href="#pt-6.2_smt"/>
         </part>
         <part id="pt-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52933,8 +52933,8 @@
       </part>
       <part id="pt-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-07"/>
-        <link rel="depends-on" href="#pt-7_smt"/>
         <p><insert type="param" id-ref="pt-07_odp"/> are applied for specific categories of personally identifiable information.</p>
+        <link rel="depends-on" href="#pt-7_smt"/>
       </part>
       <part id="pt-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -52995,45 +52995,45 @@
         </part>
         <part id="pt-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-07(01)"/>
-          <link rel="depends-on" href="#pt-7.1_smt"/>
           <part id="pt-7.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-07(01)(a)"/>
-            <link rel="depends-on" href="#pt-7.1_smt.a"/>
             <part id="pt-7.1_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-07(01)(a)[01]"/>
-              <link rel="depends-on" href="#pt-7.1_smt.a"/>
               <p>when a system processes Social Security numbers, the unnecessary collection, maintenance, and use of Social Security numbers are eliminated;</p>
+              <link rel="depends-on" href="#pt-7.1_smt.a"/>
             </part>
             <part id="pt-7.1_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-07(01)(a)[02]"/>
-              <link rel="depends-on" href="#pt-7.1_smt.a"/>
               <p>when a system processes Social Security numbers, alternatives to the use of Social Security Numbers as a personal identifier are explored;</p>
+              <link rel="depends-on" href="#pt-7.1_smt.a"/>
             </part>
+            <link rel="depends-on" href="#pt-7.1_smt.a"/>
           </part>
           <part id="pt-7.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-07(01)(b)"/>
-            <link rel="depends-on" href="#pt-7.1_smt.b"/>
             <p>when a system processes Social Security numbers, individual rights, benefits, or privileges provided by law are not denied because of an individual’s refusal to disclose their Social Security number;</p>
+            <link rel="depends-on" href="#pt-7.1_smt.b"/>
           </part>
           <part id="pt-7.1_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-07(01)(c)"/>
-            <link rel="depends-on" href="#pt-7.1_smt.c"/>
             <part id="pt-7.1_obj.c-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-07(01)(c)[01]"/>
-              <link rel="depends-on" href="#pt-7.1_smt.c"/>
               <p>when a system processes Social Security numbers, any individual who is asked to disclose their Social Security number is informed whether that disclosure is mandatory or voluntary, by what statutory or other authority such number is solicited, and what uses will be made of it;</p>
+              <link rel="depends-on" href="#pt-7.1_smt.c"/>
             </part>
             <part id="pt-7.1_obj.c-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-07(01)(c)[02]"/>
-              <link rel="depends-on" href="#pt-7.1_smt.c"/>
               <p>when a system processes Social Security numbers, any individual who is asked to disclose their Social Security number is informed by what statutory or other authority the number is solicited;</p>
+              <link rel="depends-on" href="#pt-7.1_smt.c"/>
             </part>
             <part id="pt-7.1_obj.c-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="PT-07(01)(c)[03]"/>
-              <link rel="depends-on" href="#pt-7.1_smt.c"/>
               <p>when a system processes Social Security numbers, any individual who is asked to disclose their Social Security number is informed what uses will be made of it.</p>
+              <link rel="depends-on" href="#pt-7.1_smt.c"/>
             </part>
+            <link rel="depends-on" href="#pt-7.1_smt.c"/>
           </part>
+          <link rel="depends-on" href="#pt-7.1_smt"/>
         </part>
         <part id="pt-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53080,8 +53080,8 @@
         </part>
         <part id="pt-7.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-07(02)"/>
-          <link rel="depends-on" href="#pt-7.2_smt"/>
           <p>the processing of information describing how any individual exercises rights guaranteed by the First Amendment is prohibited unless expressly authorized by statute or by the individual or unless pertinent to and within the scope of an authorized law enforcement activity.</p>
+          <link rel="depends-on" href="#pt-7.2_smt"/>
         </part>
         <part id="pt-7.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53150,50 +53150,50 @@
       </part>
       <part id="pt-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="PT-08"/>
-        <link rel="depends-on" href="#pt-8_smt"/>
         <part id="pt-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-08a."/>
-          <link rel="depends-on" href="#pt-8_smt.a"/>
           <p>approval to conduct the matching program is obtained from the Data Integrity Board when a system or organization processes information for the purpose of conducting a matching program;</p>
+          <link rel="depends-on" href="#pt-8_smt.a"/>
         </part>
         <part id="pt-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-08b."/>
-          <link rel="depends-on" href="#pt-8_smt.b"/>
           <part id="pt-8_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-08b.[01]"/>
-            <link rel="depends-on" href="#pt-8_smt.b"/>
             <p>a computer matching agreement is developed when a system or organization processes information for the purpose of conducting a matching program;</p>
+            <link rel="depends-on" href="#pt-8_smt.b"/>
           </part>
           <part id="pt-8_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-08b.[02]"/>
-            <link rel="depends-on" href="#pt-8_smt.b"/>
             <p>a computer matching agreement is entered into when a system or organization processes information for the purpose of conducting a matching program;</p>
+            <link rel="depends-on" href="#pt-8_smt.b"/>
           </part>
+          <link rel="depends-on" href="#pt-8_smt.b"/>
         </part>
         <part id="pt-8_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-08c."/>
-          <link rel="depends-on" href="#pt-8_smt.c"/>
           <p>a matching notice is published in the Federal Register when a system or organization processes information for the purpose of conducting a matching program;</p>
+          <link rel="depends-on" href="#pt-8_smt.c"/>
         </part>
         <part id="pt-8_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-08d."/>
-          <link rel="depends-on" href="#pt-8_smt.d"/>
           <p>the information produced by the matching program is independently verified before taking adverse action against an individual, if required, when a system or organization processes information for the purpose of conducting a matching program;</p>
+          <link rel="depends-on" href="#pt-8_smt.d"/>
         </part>
         <part id="pt-8_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="PT-08e."/>
-          <link rel="depends-on" href="#pt-8_smt.e"/>
           <part id="pt-8_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-08e.[01]"/>
-            <link rel="depends-on" href="#pt-8_smt.e"/>
             <p>individuals are provided with notice when a system or organization processes information for the purpose of conducting a matching program;</p>
+            <link rel="depends-on" href="#pt-8_smt.e"/>
           </part>
           <part id="pt-8_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="PT-08e.[02]"/>
-            <link rel="depends-on" href="#pt-8_smt.e"/>
             <p>individuals are provided with an opportunity to contest the findings before adverse action is taken against them when a system or organization processes information for the purpose of conducting a matching program.</p>
+            <link rel="depends-on" href="#pt-8_smt.e"/>
           </part>
+          <link rel="depends-on" href="#pt-8_smt.e"/>
         </part>
+        <link rel="depends-on" href="#pt-8_smt"/>
       </part>
       <part id="pt-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53358,116 +53358,116 @@
       </part>
       <part id="ra-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-01"/>
-        <link rel="depends-on" href="#ra-1_smt"/>
         <part id="ra-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-01a."/>
-          <link rel="depends-on" href="#ra-1_smt.a"/>
           <part id="ra-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-01a.[01]"/>
-            <link rel="depends-on" href="#ra-1_smt.a"/>
             <p>a risk assessment policy is developed and documented;</p>
+            <link rel="depends-on" href="#ra-1_smt.a"/>
           </part>
           <part id="ra-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-01a.[02]"/>
-            <link rel="depends-on" href="#ra-1_smt.a"/>
             <p>the risk assessment policy is disseminated to <insert type="param" id-ref="ra-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#ra-1_smt.a"/>
           </part>
           <part id="ra-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-01a.[03]"/>
-            <link rel="depends-on" href="#ra-1_smt.a"/>
             <p>risk assessment procedures to facilitate the implementation of the risk assessment policy and associated risk assessment controls are developed and documented;</p>
+            <link rel="depends-on" href="#ra-1_smt.a"/>
           </part>
           <part id="ra-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-01a.[04]"/>
-            <link rel="depends-on" href="#ra-1_smt.a"/>
             <p>the risk assessment procedures are disseminated to <insert type="param" id-ref="ra-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#ra-1_smt.a"/>
           </part>
           <part id="ra-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-01a.01"/>
-            <link rel="depends-on" href="#ra-1_smt.a.1"/>
             <part id="ra-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="RA-01a.01(a)"/>
-              <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               <part id="ra-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="RA-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy addresses purpose;</p>
+                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               </part>
               <part id="ra-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="RA-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy addresses scope;</p>
+                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               </part>
               <part id="ra-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="RA-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy addresses roles;</p>
+                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               </part>
               <part id="ra-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="RA-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               </part>
               <part id="ra-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="RA-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy addresses management commitment;</p>
+                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               </part>
               <part id="ra-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="RA-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               </part>
               <part id="ra-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="RA-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy addresses compliance;</p>
+                <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#ra-1_smt.a.1.a"/>
             </part>
             <part id="ra-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="RA-01a.01(b)"/>
-              <link rel="depends-on" href="#ra-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="ra-01_odp.03"/> risk assessment policy is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#ra-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#ra-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#ra-1_smt.a"/>
         </part>
         <part id="ra-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-01b."/>
-          <link rel="depends-on" href="#ra-1_smt.b"/>
           <p>the <insert type="param" id-ref="ra-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the risk assessment policy and procedures;</p>
+          <link rel="depends-on" href="#ra-1_smt.b"/>
         </part>
         <part id="ra-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-01c."/>
-          <link rel="depends-on" href="#ra-1_smt.c"/>
           <part id="ra-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-01c.01"/>
-            <link rel="depends-on" href="#ra-1_smt.c.1"/>
             <part id="ra-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="RA-01c.01[01]"/>
-              <link rel="depends-on" href="#ra-1_smt.c.1"/>
               <p>the current risk assessment policy is reviewed and updated <insert type="param" id-ref="ra-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#ra-1_smt.c.1"/>
             </part>
             <part id="ra-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="RA-01c.01[02]"/>
-              <link rel="depends-on" href="#ra-1_smt.c.1"/>
               <p>the current risk assessment policy is reviewed and updated following <insert type="param" id-ref="ra-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#ra-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#ra-1_smt.c.1"/>
           </part>
           <part id="ra-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-01c.02"/>
-            <link rel="depends-on" href="#ra-1_smt.c.2"/>
             <part id="ra-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="RA-01c.02[01]"/>
-              <link rel="depends-on" href="#ra-1_smt.c.2"/>
               <p>the current risk assessment procedures are reviewed and updated <insert type="param" id-ref="ra-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#ra-1_smt.c.2"/>
             </part>
             <part id="ra-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="RA-01c.02[02]"/>
-              <link rel="depends-on" href="#ra-1_smt.c.2"/>
               <p>the current risk assessment procedures are reviewed and updated following <insert type="param" id-ref="ra-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#ra-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#ra-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#ra-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ra-1_smt"/>
       </part>
       <part id="ra-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53539,22 +53539,22 @@
       </part>
       <part id="ra-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-02"/>
-        <link rel="depends-on" href="#ra-2_smt"/>
         <part id="ra-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-02a."/>
-          <link rel="depends-on" href="#ra-2_smt.a"/>
           <p>the system and the information it processes, stores, and transmits are categorized;</p>
+          <link rel="depends-on" href="#ra-2_smt.a"/>
         </part>
         <part id="ra-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-02b."/>
-          <link rel="depends-on" href="#ra-2_smt.b"/>
           <p>the security categorization results, including supporting rationale, are documented in the security plan for the system;</p>
+          <link rel="depends-on" href="#ra-2_smt.b"/>
         </part>
         <part id="ra-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-02c."/>
-          <link rel="depends-on" href="#ra-2_smt.c"/>
           <p>the authorizing official or authorizing official designated representative reviews and approves the security categorization decision.</p>
+          <link rel="depends-on" href="#ra-2_smt.c"/>
         </part>
+        <link rel="depends-on" href="#ra-2_smt"/>
       </part>
       <part id="ra-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53599,8 +53599,8 @@
         </part>
         <part id="ra-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-02(01)"/>
-          <link rel="depends-on" href="#ra-2.1_smt"/>
           <p>an impact-level prioritization of organizational systems is conducted to obtain additional granularity on system impact levels.</p>
+          <link rel="depends-on" href="#ra-2.1_smt"/>
         </part>
         <part id="ra-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53758,51 +53758,51 @@
       </part>
       <part id="ra-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-03"/>
-        <link rel="depends-on" href="#ra-3_smt"/>
         <part id="ra-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03a."/>
-          <link rel="depends-on" href="#ra-3_smt.a"/>
           <part id="ra-3_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-03a.01"/>
-            <link rel="depends-on" href="#ra-3_smt.a.1"/>
             <p>a risk assessment is conducted to identify threats to and vulnerabilities in the system;</p>
+            <link rel="depends-on" href="#ra-3_smt.a.1"/>
           </part>
           <part id="ra-3_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-03a.02"/>
-            <link rel="depends-on" href="#ra-3_smt.a.2"/>
             <p>a risk assessment is conducted to determine the likelihood and magnitude of harm from unauthorized access, use, disclosure, disruption, modification, or destruction of the system; the information it processes, stores, or transmits; and any related information;</p>
+            <link rel="depends-on" href="#ra-3_smt.a.2"/>
           </part>
           <part id="ra-3_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-03a.03"/>
-            <link rel="depends-on" href="#ra-3_smt.a.3"/>
             <p>a risk assessment is conducted to determine the likelihood and impact of adverse effects on individuals arising from the processing of personally identifiable information;</p>
+            <link rel="depends-on" href="#ra-3_smt.a.3"/>
           </part>
+          <link rel="depends-on" href="#ra-3_smt.a"/>
         </part>
         <part id="ra-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03b."/>
-          <link rel="depends-on" href="#ra-3_smt.b"/>
           <p>risk assessment results and risk management decisions from the organization and mission or business process perspectives are integrated with system-level risk assessments;</p>
+          <link rel="depends-on" href="#ra-3_smt.b"/>
         </part>
         <part id="ra-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03c."/>
-          <link rel="depends-on" href="#ra-3_smt.c"/>
           <p>risk assessment results are documented in <insert type="param" id-ref="ra-03_odp.01"/>;</p>
+          <link rel="depends-on" href="#ra-3_smt.c"/>
         </part>
         <part id="ra-3_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03d."/>
-          <link rel="depends-on" href="#ra-3_smt.d"/>
           <p>risk assessment results are reviewed <insert type="param" id-ref="ra-03_odp.03"/>;</p>
+          <link rel="depends-on" href="#ra-3_smt.d"/>
         </part>
         <part id="ra-3_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03e."/>
-          <link rel="depends-on" href="#ra-3_smt.e"/>
           <p>risk assessment results are disseminated to <insert type="param" id-ref="ra-03_odp.04"/>;</p>
+          <link rel="depends-on" href="#ra-3_smt.e"/>
         </part>
         <part id="ra-3_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03f."/>
-          <link rel="depends-on" href="#ra-3_smt.f"/>
           <p>the risk assessment is updated <insert type="param" id-ref="ra-03_odp.05"/> or when there are significant changes to the system, its environment of operation, or other conditions that may impact the security or privacy state of the system.</p>
+          <link rel="depends-on" href="#ra-3_smt.f"/>
         </part>
+        <link rel="depends-on" href="#ra-3_smt"/>
       </part>
       <part id="ra-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53881,17 +53881,17 @@
         </part>
         <part id="ra-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03(01)"/>
-          <link rel="depends-on" href="#ra-3.1_smt"/>
           <part id="ra-3.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-03(01)(a)"/>
-            <link rel="depends-on" href="#ra-3.1_smt.a"/>
             <p>supply chain risks associated with <insert type="param" id-ref="ra-03.01_odp.01"/> are assessed;</p>
+            <link rel="depends-on" href="#ra-3.1_smt.a"/>
           </part>
           <part id="ra-3.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-03(01)(b)"/>
-            <link rel="depends-on" href="#ra-3.1_smt.b"/>
             <p>the supply chain risk assessment is updated <insert type="param" id-ref="ra-03.01_odp.02"/> , when there are significant changes to the relevant supply chain, or when changes to the system, environments of operation, or other conditions may necessitate a change in the supply chain.</p>
+            <link rel="depends-on" href="#ra-3.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ra-3.1_smt"/>
         </part>
         <part id="ra-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -53946,8 +53946,8 @@
         </part>
         <part id="ra-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03(02)"/>
-          <link rel="depends-on" href="#ra-3.2_smt"/>
           <p>all-source intelligence is used to assist in the analysis of risk.</p>
+          <link rel="depends-on" href="#ra-3.2_smt"/>
         </part>
         <part id="ra-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54007,8 +54007,8 @@
         </part>
         <part id="ra-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03(03)"/>
-          <link rel="depends-on" href="#ra-3.3_smt"/>
           <p>the current cyber threat environment is determined on an ongoing basis using <insert type="param" id-ref="ra-03.03_odp"/>.</p>
+          <link rel="depends-on" href="#ra-3.3_smt"/>
         </part>
         <part id="ra-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54086,17 +54086,17 @@
         </part>
         <part id="ra-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-03(04)"/>
-          <link rel="depends-on" href="#ra-3.4_smt"/>
           <part id="ra-3.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-03(04)[01]"/>
-            <link rel="depends-on" href="#ra-3.4_smt"/>
             <p><insert type="param" id-ref="ra-03.04_odp.01"/> are employed to predict and identify risks to <insert type="param" id-ref="ra-03.04_odp.02"/>;</p>
+            <link rel="depends-on" href="#ra-3.4_smt"/>
           </part>
           <part id="ra-3.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-03(04)[02]"/>
-            <link rel="depends-on" href="#ra-3.4_smt"/>
             <p><insert type="param" id-ref="ra-03.04_odp.03"/> are employed to predict and identify risks to <insert type="param" id-ref="ra-03.04_odp.02"/>.</p>
+            <link rel="depends-on" href="#ra-3.4_smt"/>
           </part>
+          <link rel="depends-on" href="#ra-3.4_smt"/>
         </part>
         <part id="ra-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54254,61 +54254,61 @@
       </part>
       <part id="ra-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-05"/>
-        <link rel="depends-on" href="#ra-5_smt"/>
         <part id="ra-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05a."/>
-          <link rel="depends-on" href="#ra-5_smt.a"/>
           <part id="ra-5_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-05a.[01]"/>
-            <link rel="depends-on" href="#ra-5_smt.a"/>
             <p>systems and hosted applications are monitored for vulnerabilities <insert type="param" id-ref="ra-05_odp.01"/> and when new vulnerabilities potentially affecting the system are identified and reported;</p>
+            <link rel="depends-on" href="#ra-5_smt.a"/>
           </part>
           <part id="ra-5_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-05a.[02]"/>
-            <link rel="depends-on" href="#ra-5_smt.a"/>
             <p>systems and hosted applications are scanned for vulnerabilities <insert type="param" id-ref="ra-05_odp.02"/> and when new vulnerabilities potentially affecting the system are identified and reported;</p>
+            <link rel="depends-on" href="#ra-5_smt.a"/>
           </part>
+          <link rel="depends-on" href="#ra-5_smt.a"/>
         </part>
         <part id="ra-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05b."/>
-          <link rel="depends-on" href="#ra-5_smt.b"/>
           <p>vulnerability monitoring tools and techniques are employed to facilitate interoperability among tools;</p>
           <part id="ra-5_obj.b.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-05b.01"/>
-            <link rel="depends-on" href="#ra-5_smt.b.1"/>
             <p>vulnerability monitoring tools and techniques are employed to automate parts of the vulnerability management process by using standards for enumerating platforms, software flaws, and improper configurations;</p>
+            <link rel="depends-on" href="#ra-5_smt.b.1"/>
           </part>
           <part id="ra-5_obj.b.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-05b.02"/>
-            <link rel="depends-on" href="#ra-5_smt.b.2"/>
             <p>vulnerability monitoring tools and techniques are employed to facilitate interoperability among tools and to automate parts of the vulnerability management process by using standards for formatting checklists and test procedures;</p>
+            <link rel="depends-on" href="#ra-5_smt.b.2"/>
           </part>
           <part id="ra-5_obj.b.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-05b.03"/>
-            <link rel="depends-on" href="#ra-5_smt.b.3"/>
             <p>vulnerability monitoring tools and techniques are employed to facilitate interoperability among tools and to automate parts of the vulnerability management process by using standards for measuring vulnerability impact;</p>
+            <link rel="depends-on" href="#ra-5_smt.b.3"/>
           </part>
+          <link rel="depends-on" href="#ra-5_smt.b"/>
         </part>
         <part id="ra-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05c."/>
-          <link rel="depends-on" href="#ra-5_smt.c"/>
           <p>vulnerability scan reports and results from vulnerability monitoring are analyzed;</p>
+          <link rel="depends-on" href="#ra-5_smt.c"/>
         </part>
         <part id="ra-5_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05d."/>
-          <link rel="depends-on" href="#ra-5_smt.d"/>
           <p>legitimate vulnerabilities are remediated <insert type="param" id-ref="ra-05_odp.03"/> in accordance with an organizational assessment of risk;</p>
+          <link rel="depends-on" href="#ra-5_smt.d"/>
         </part>
         <part id="ra-5_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05e."/>
-          <link rel="depends-on" href="#ra-5_smt.e"/>
           <p>information obtained from the vulnerability monitoring process and control assessments is shared with <insert type="param" id-ref="ra-05_odp.04"/> to help eliminate similar vulnerabilities in other systems;</p>
+          <link rel="depends-on" href="#ra-5_smt.e"/>
         </part>
         <part id="ra-5_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05f."/>
-          <link rel="depends-on" href="#ra-5_smt.f"/>
           <p>vulnerability monitoring tools that include the capability to readily update the vulnerabilities to be scanned are employed.</p>
+          <link rel="depends-on" href="#ra-5_smt.f"/>
         </part>
+        <link rel="depends-on" href="#ra-5_smt"/>
       </part>
       <part id="ra-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54386,8 +54386,8 @@
         </part>
         <part id="ra-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(02)"/>
-          <link rel="depends-on" href="#ra-5.2_smt"/>
           <p>the system vulnerabilities to be scanned are updated <insert type="param" id-ref="ra-05.02_odp.01"/>.</p>
+          <link rel="depends-on" href="#ra-5.2_smt"/>
         </part>
         <part id="ra-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54437,8 +54437,8 @@
         </part>
         <part id="ra-5.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(03)"/>
-          <link rel="depends-on" href="#ra-5.3_smt"/>
           <p>the breadth and depth of vulnerability scanning coverage are defined.</p>
+          <link rel="depends-on" href="#ra-5.3_smt"/>
         </part>
         <part id="ra-5.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54497,17 +54497,17 @@
         </part>
         <part id="ra-5.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(04)"/>
-          <link rel="depends-on" href="#ra-5.4_smt"/>
           <part id="ra-5.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-05(04)[01]"/>
-            <link rel="depends-on" href="#ra-5.4_smt"/>
             <p>information about the system is discoverable;</p>
+            <link rel="depends-on" href="#ra-5.4_smt"/>
           </part>
           <part id="ra-5.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-05(04)[02]"/>
-            <link rel="depends-on" href="#ra-5.4_smt"/>
             <p><insert type="param" id-ref="ra-05.04_odp"/> are taken when information about the system is confirmed as discoverable.</p>
+            <link rel="depends-on" href="#ra-5.4_smt"/>
           </part>
+          <link rel="depends-on" href="#ra-5.4_smt"/>
         </part>
         <part id="ra-5.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54581,8 +54581,8 @@
         </part>
         <part id="ra-5.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(05)"/>
-          <link rel="depends-on" href="#ra-5.5_smt"/>
           <p>privileged access authorization is implemented to <insert type="param" id-ref="ra-05.05_odp.01"/> for <insert type="param" id-ref="ra-05.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#ra-5.5_smt"/>
         </part>
         <part id="ra-5.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54647,8 +54647,8 @@
         </part>
         <part id="ra-5.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(06)"/>
-          <link rel="depends-on" href="#ra-5.6_smt"/>
           <p>the results of multiple vulnerability scans are compared using <insert type="param" id-ref="ra-05.06_odp"/>.</p>
+          <link rel="depends-on" href="#ra-5.6_smt"/>
         </part>
         <part id="ra-5.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54724,8 +54724,8 @@
         </part>
         <part id="ra-5.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(08)"/>
-          <link rel="depends-on" href="#ra-5.8_smt"/>
           <p>historic audit logs are reviewed to determine if a vulnerability identified in a <insert type="param" id-ref="ra-05.08_odp.01"/> has been previously exploited within <insert type="param" id-ref="ra-05.08_odp.02"/>.</p>
+          <link rel="depends-on" href="#ra-5.8_smt"/>
         </part>
         <part id="ra-5.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54787,8 +54787,8 @@
         </part>
         <part id="ra-5.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(10)"/>
-          <link rel="depends-on" href="#ra-5.10_smt"/>
           <p>the output from vulnerability scanning tools is correlated to determine the presence of multi-vulnerability and multi-hop attack vectors.</p>
+          <link rel="depends-on" href="#ra-5.10_smt"/>
         </part>
         <part id="ra-5.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54841,8 +54841,8 @@
         </part>
         <part id="ra-5.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-05(11)"/>
-          <link rel="depends-on" href="#ra-5.11_smt"/>
           <p>a public reporting channel is established for receiving reports of vulnerabilities in organizational systems and system components.</p>
+          <link rel="depends-on" href="#ra-5.11_smt"/>
         </part>
         <part id="ra-5.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54927,8 +54927,8 @@
       </part>
       <part id="ra-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-06"/>
-        <link rel="depends-on" href="#ra-6_smt"/>
         <p>a technical surveillance countermeasures survey is employed at <insert type="param" id-ref="ra-06_odp.01"/> <insert type="param" id-ref="ra-06_odp.02"/>.</p>
+        <link rel="depends-on" href="#ra-6_smt"/>
       </part>
       <part id="ra-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -54987,27 +54987,27 @@
       </part>
       <part id="ra-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-07"/>
-        <link rel="depends-on" href="#ra-7_smt"/>
         <part id="ra-7_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-07[01]"/>
-          <link rel="depends-on" href="#ra-7_smt"/>
           <p>findings from security assessments are responded to in accordance with organizational risk tolerance;</p>
+          <link rel="depends-on" href="#ra-7_smt"/>
         </part>
         <part id="ra-7_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-07[02]"/>
-          <link rel="depends-on" href="#ra-7_smt"/>
           <p>findings from privacy assessments are responded to in accordance with organizational risk tolerance;</p>
+          <link rel="depends-on" href="#ra-7_smt"/>
         </part>
         <part id="ra-7_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-07[03]"/>
-          <link rel="depends-on" href="#ra-7_smt"/>
           <p>findings from monitoring are responded to in accordance with organizational risk tolerance;</p>
+          <link rel="depends-on" href="#ra-7_smt"/>
         </part>
         <part id="ra-7_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-07[04]"/>
-          <link rel="depends-on" href="#ra-7_smt"/>
           <p>findings from audits are responded to in accordance with organizational risk tolerance.</p>
+          <link rel="depends-on" href="#ra-7_smt"/>
         </part>
+        <link rel="depends-on" href="#ra-7_smt"/>
       </part>
       <part id="ra-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55085,26 +55085,26 @@
       </part>
       <part id="ra-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-08"/>
-        <link rel="depends-on" href="#ra-8_smt"/>
         <part id="ra-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-08a."/>
-          <link rel="depends-on" href="#ra-8_smt.a"/>
           <p>privacy impact assessments are conducted for systems, programs, or other activities before developing or procuring information technology that processes personally identifiable information;</p>
+          <link rel="depends-on" href="#ra-8_smt.a"/>
         </part>
         <part id="ra-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-08b."/>
-          <link rel="depends-on" href="#ra-8_smt.b"/>
           <part id="ra-8_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-08b.[01]"/>
-            <link rel="depends-on" href="#ra-8_smt.b"/>
             <p>privacy impact assessments are conducted for systems, programs, or other activities before initiating a collection of personally identifiable information that will be processed using information technology;</p>
+            <link rel="depends-on" href="#ra-8_smt.b"/>
           </part>
           <part id="ra-8_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-08b.[02]"/>
-            <link rel="depends-on" href="#ra-8_smt.b"/>
             <p>privacy impact assessments are conducted for systems, programs, or other activities before initiating a collection of personally identifiable information that includes personally identifiable information permitting the physical or virtual (online) contacting of a specific individual, if identical questions have been posed to, or identical reporting requirements imposed on, ten or more individuals, other than agencies, instrumentalities, or employees of the federal government.</p>
+            <link rel="depends-on" href="#ra-8_smt.b"/>
           </part>
+          <link rel="depends-on" href="#ra-8_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ra-8_smt"/>
       </part>
       <part id="ra-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55183,8 +55183,8 @@
       </part>
       <part id="ra-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-09"/>
-        <link rel="depends-on" href="#ra-9_smt"/>
         <p>critical system components and functions are identified by performing a criticality analysis for <insert type="param" id-ref="ra-09_odp.01"/> at <insert type="param" id-ref="ra-09_odp.02"/>.</p>
+        <link rel="depends-on" href="#ra-9_smt"/>
       </part>
       <part id="ra-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55265,26 +55265,26 @@
       </part>
       <part id="ra-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="RA-10"/>
-        <link rel="depends-on" href="#ra-10_smt"/>
         <part id="ra-10_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-10a."/>
-          <link rel="depends-on" href="#ra-10_smt.a"/>
           <part id="ra-10_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-10a.01"/>
-            <link rel="depends-on" href="#ra-10_smt.a.1"/>
             <p>a cyber threat capability is established and maintained to search for indicators of compromise in organizational systems;</p>
+            <link rel="depends-on" href="#ra-10_smt.a.1"/>
           </part>
           <part id="ra-10_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="RA-10a.02"/>
-            <link rel="depends-on" href="#ra-10_smt.a.2"/>
             <p>a cyber threat capability is established and maintained to detect, track, and disrupt threats that evade existing controls;</p>
+            <link rel="depends-on" href="#ra-10_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#ra-10_smt.a"/>
         </part>
         <part id="ra-10_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="RA-10b."/>
-          <link rel="depends-on" href="#ra-10_smt.b"/>
           <p>the threat hunting capability is employed <insert type="param" id-ref="ra-10_odp"/>.</p>
+          <link rel="depends-on" href="#ra-10_smt.b"/>
         </part>
+        <link rel="depends-on" href="#ra-10_smt"/>
       </part>
       <part id="ra-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55447,116 +55447,116 @@
       </part>
       <part id="sa-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-01"/>
-        <link rel="depends-on" href="#sa-1_smt"/>
         <part id="sa-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-01a."/>
-          <link rel="depends-on" href="#sa-1_smt.a"/>
           <part id="sa-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-01a.[01]"/>
-            <link rel="depends-on" href="#sa-1_smt.a"/>
             <p>a system and services acquisition policy is developed and documented;</p>
+            <link rel="depends-on" href="#sa-1_smt.a"/>
           </part>
           <part id="sa-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-01a.[02]"/>
-            <link rel="depends-on" href="#sa-1_smt.a"/>
             <p>the system and services acquisition policy is disseminated to <insert type="param" id-ref="sa-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#sa-1_smt.a"/>
           </part>
           <part id="sa-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-01a.[03]"/>
-            <link rel="depends-on" href="#sa-1_smt.a"/>
             <p>system and services acquisition procedures to facilitate the implementation of the system and services acquisition policy and associated system and services acquisition controls are developed and documented;</p>
+            <link rel="depends-on" href="#sa-1_smt.a"/>
           </part>
           <part id="sa-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-01a.[04]"/>
-            <link rel="depends-on" href="#sa-1_smt.a"/>
             <p>the system and services acquisition procedures are disseminated to <insert type="param" id-ref="sa-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#sa-1_smt.a"/>
           </part>
           <part id="sa-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-01a.01"/>
-            <link rel="depends-on" href="#sa-1_smt.a.1"/>
             <part id="sa-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-01a.01(a)"/>
-              <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               <part id="sa-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SA-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy addresses purpose;</p>
+                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               </part>
               <part id="sa-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SA-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy addresses scope;</p>
+                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               </part>
               <part id="sa-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SA-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy addresses roles;</p>
+                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               </part>
               <part id="sa-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SA-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               </part>
               <part id="sa-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SA-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy addresses management commitment;</p>
+                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               </part>
               <part id="sa-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SA-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               </part>
               <part id="sa-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SA-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy addresses compliance;</p>
+                <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#sa-1_smt.a.1.a"/>
             </part>
             <part id="sa-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-01a.01(b)"/>
-              <link rel="depends-on" href="#sa-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="sa-01_odp.03"/> system and services acquisition policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#sa-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#sa-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#sa-1_smt.a"/>
         </part>
         <part id="sa-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-01b."/>
-          <link rel="depends-on" href="#sa-1_smt.b"/>
           <p>the <insert type="param" id-ref="sa-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the system and services acquisition policy and procedures;</p>
+          <link rel="depends-on" href="#sa-1_smt.b"/>
         </part>
         <part id="sa-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-01c."/>
-          <link rel="depends-on" href="#sa-1_smt.c"/>
           <part id="sa-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-01c.01"/>
-            <link rel="depends-on" href="#sa-1_smt.c.1"/>
             <part id="sa-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-01c.01[01]"/>
-              <link rel="depends-on" href="#sa-1_smt.c.1"/>
               <p>the system and services acquisition policy is reviewed and updated <insert type="param" id-ref="sa-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#sa-1_smt.c.1"/>
             </part>
             <part id="sa-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-01c.01[02]"/>
-              <link rel="depends-on" href="#sa-1_smt.c.1"/>
               <p>the current system and services acquisition policy is reviewed and updated following <insert type="param" id-ref="sa-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#sa-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#sa-1_smt.c.1"/>
           </part>
           <part id="sa-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-01c.02"/>
-            <link rel="depends-on" href="#sa-1_smt.c.2"/>
             <part id="sa-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-01c.02[01]"/>
-              <link rel="depends-on" href="#sa-1_smt.c.2"/>
               <p>the current system and services acquisition procedures are reviewed and updated <insert type="param" id-ref="sa-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#sa-1_smt.c.2"/>
             </part>
             <part id="sa-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-01c.02[02]"/>
-              <link rel="depends-on" href="#sa-1_smt.c.2"/>
               <p>the current system and services acquisition procedures are reviewed and updated following <insert type="param" id-ref="sa-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#sa-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#sa-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#sa-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sa-1_smt"/>
       </part>
       <part id="sa-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55617,49 +55617,49 @@
       </part>
       <part id="sa-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-02"/>
-        <link rel="depends-on" href="#sa-2_smt"/>
         <part id="sa-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-02a."/>
-          <link rel="depends-on" href="#sa-2_smt.a"/>
           <part id="sa-2_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-02a.[01]"/>
-            <link rel="depends-on" href="#sa-2_smt.a"/>
             <p>the high-level information security requirements for the system or system service are determined in mission and business process planning;</p>
+            <link rel="depends-on" href="#sa-2_smt.a"/>
           </part>
           <part id="sa-2_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-02a.[02]"/>
-            <link rel="depends-on" href="#sa-2_smt.a"/>
             <p>the high-level privacy requirements for the system or system service are determined in mission and business process planning;</p>
+            <link rel="depends-on" href="#sa-2_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sa-2_smt.a"/>
         </part>
         <part id="sa-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-02b."/>
-          <link rel="depends-on" href="#sa-2_smt.b"/>
           <part id="sa-2_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-02b.[01]"/>
-            <link rel="depends-on" href="#sa-2_smt.b"/>
             <p>the resources required to protect the system or system service are determined and documented as part of the organizational capital planning and investment control process;</p>
+            <link rel="depends-on" href="#sa-2_smt.b"/>
           </part>
           <part id="sa-2_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-02b.[02]"/>
-            <link rel="depends-on" href="#sa-2_smt.b"/>
             <p>the resources required to protect the system or system service are allocated as part of the organizational capital planning and investment control process;</p>
+            <link rel="depends-on" href="#sa-2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-2_smt.b"/>
         </part>
         <part id="sa-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-02c."/>
-          <link rel="depends-on" href="#sa-2_smt.c"/>
           <part id="sa-2_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-02c.[01]"/>
-            <link rel="depends-on" href="#sa-2_smt.c"/>
             <p>a discrete line item for information security is established in organizational programming and budgeting documentation;</p>
+            <link rel="depends-on" href="#sa-2_smt.c"/>
           </part>
           <part id="sa-2_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-02c.[02]"/>
-            <link rel="depends-on" href="#sa-2_smt.c"/>
             <p>a discrete line item for privacy is established in organizational programming and budgeting documentation.</p>
+            <link rel="depends-on" href="#sa-2_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sa-2_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sa-2_smt"/>
       </part>
       <part id="sa-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55756,63 +55756,63 @@
       </part>
       <part id="sa-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-03"/>
-        <link rel="depends-on" href="#sa-3_smt"/>
         <part id="sa-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-03a."/>
-          <link rel="depends-on" href="#sa-3_smt.a"/>
           <part id="sa-3_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03a.[01]"/>
-            <link rel="depends-on" href="#sa-3_smt.a"/>
             <p>the system is acquired, developed, and managed using <insert type="param" id-ref="sa-03_odp"/> that incorporates information security considerations;</p>
+            <link rel="depends-on" href="#sa-3_smt.a"/>
           </part>
           <part id="sa-3_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03a.[02]"/>
-            <link rel="depends-on" href="#sa-3_smt.a"/>
             <p>the system is acquired, developed, and managed using <insert type="param" id-ref="sa-03_odp"/> that incorporates privacy considerations;</p>
+            <link rel="depends-on" href="#sa-3_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sa-3_smt.a"/>
         </part>
         <part id="sa-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-03b."/>
-          <link rel="depends-on" href="#sa-3_smt.b"/>
           <part id="sa-3_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03b.[01]"/>
-            <link rel="depends-on" href="#sa-3_smt.b"/>
             <p>information security roles and responsibilities are defined and documented throughout the system development life cycle;</p>
+            <link rel="depends-on" href="#sa-3_smt.b"/>
           </part>
           <part id="sa-3_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03b.[02]"/>
-            <link rel="depends-on" href="#sa-3_smt.b"/>
             <p>privacy roles and responsibilities are defined and documented throughout the system development life cycle;</p>
+            <link rel="depends-on" href="#sa-3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-3_smt.b"/>
         </part>
         <part id="sa-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-03c."/>
-          <link rel="depends-on" href="#sa-3_smt.c"/>
           <part id="sa-3_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03c.[01]"/>
-            <link rel="depends-on" href="#sa-3_smt.c"/>
             <p>individuals with information security roles and responsibilities are identified;</p>
+            <link rel="depends-on" href="#sa-3_smt.c"/>
           </part>
           <part id="sa-3_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03c.[02]"/>
-            <link rel="depends-on" href="#sa-3_smt.c"/>
             <p>individuals with privacy roles and responsibilities are identified;</p>
+            <link rel="depends-on" href="#sa-3_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sa-3_smt.c"/>
         </part>
         <part id="sa-3_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-03d."/>
-          <link rel="depends-on" href="#sa-3_smt.d"/>
           <part id="sa-3_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03d.[01]"/>
-            <link rel="depends-on" href="#sa-3_smt.d"/>
             <p>organizational information security risk management processes are integrated into system development life cycle activities;</p>
+            <link rel="depends-on" href="#sa-3_smt.d"/>
           </part>
           <part id="sa-3_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03d.[02]"/>
-            <link rel="depends-on" href="#sa-3_smt.d"/>
             <p>organizational privacy risk management processes are integrated into system development life cycle activities.</p>
+            <link rel="depends-on" href="#sa-3_smt.d"/>
           </part>
+          <link rel="depends-on" href="#sa-3_smt.d"/>
         </part>
+        <link rel="depends-on" href="#sa-3_smt"/>
       </part>
       <part id="sa-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55873,8 +55873,8 @@
         </part>
         <part id="sa-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-03(01)"/>
-          <link rel="depends-on" href="#sa-3.1_smt"/>
           <p>system pre-production environments are protected commensurate with risk throughout the system development life cycle for the system, system component, or system service.</p>
+          <link rel="depends-on" href="#sa-3.1_smt"/>
         </part>
         <part id="sa-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -55935,31 +55935,31 @@
         </part>
         <part id="sa-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-03(02)"/>
-          <link rel="depends-on" href="#sa-3.2_smt"/>
           <part id="sa-3.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03(02)a."/>
-            <link rel="depends-on" href="#sa-3.2_smt.a"/>
             <part id="sa-3.2_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-03(02)a.[01]"/>
-              <link rel="depends-on" href="#sa-3.2_smt.a"/>
               <p>the use of live data in pre-production environments is approved for the system, system component, or system service;</p>
+              <link rel="depends-on" href="#sa-3.2_smt.a"/>
             </part>
             <part id="sa-3.2_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-03(02)a.[02]"/>
-              <link rel="depends-on" href="#sa-3.2_smt.a"/>
               <p>the use of live data in pre-production environments is documented for the system, system component, or system service;</p>
+              <link rel="depends-on" href="#sa-3.2_smt.a"/>
             </part>
             <part id="sa-3.2_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-03(02)a.[03]"/>
-              <link rel="depends-on" href="#sa-3.2_smt.a"/>
               <p>the use of live data in pre-production environments is controlled for the system, system component, or system service;</p>
+              <link rel="depends-on" href="#sa-3.2_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-3.2_smt.a"/>
           </part>
           <part id="sa-3.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03(02)b."/>
-            <link rel="depends-on" href="#sa-3.2_smt.b"/>
             <p>pre-production environments for the system, system component, or system service are protected at the same impact or classification level as any live data in use within the pre-production environments.</p>
+            <link rel="depends-on" href="#sa-3.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-3.2_smt"/>
         </part>
         <part id="sa-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56015,17 +56015,17 @@
         </part>
         <part id="sa-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-03(03)"/>
-          <link rel="depends-on" href="#sa-3.3_smt"/>
           <part id="sa-3.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03(03)[01]"/>
-            <link rel="depends-on" href="#sa-3.3_smt"/>
             <p>a technology refresh schedule is planned for the system throughout the system development life cycle;</p>
+            <link rel="depends-on" href="#sa-3.3_smt"/>
           </part>
           <part id="sa-3.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-03(03)[02]"/>
-            <link rel="depends-on" href="#sa-3.3_smt"/>
             <p>a technology refresh schedule is implemented for the system throughout the system development life cycle.</p>
+            <link rel="depends-on" href="#sa-3.3_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-3.3_smt"/>
         </part>
         <part id="sa-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56168,111 +56168,111 @@
       </part>
       <part id="sa-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-04"/>
-        <link rel="depends-on" href="#sa-4_smt"/>
         <part id="sa-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04a."/>
-          <link rel="depends-on" href="#sa-4_smt.a"/>
           <part id="sa-4_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04a.[01]"/>
-            <link rel="depends-on" href="#sa-4_smt.a"/>
             <p>security functional requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.a"/>
           </part>
           <part id="sa-4_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04a.[02]"/>
-            <link rel="depends-on" href="#sa-4_smt.a"/>
             <p>privacy functional requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sa-4_smt.a"/>
         </part>
         <part id="sa-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04b."/>
-          <link rel="depends-on" href="#sa-4_smt.b"/>
           <p>strength of mechanism requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+          <link rel="depends-on" href="#sa-4_smt.b"/>
         </part>
         <part id="sa-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04c."/>
-          <link rel="depends-on" href="#sa-4_smt.c"/>
           <part id="sa-4_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04c.[01]"/>
-            <link rel="depends-on" href="#sa-4_smt.c"/>
             <p>security assurance requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.c"/>
           </part>
           <part id="sa-4_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04c.[02]"/>
-            <link rel="depends-on" href="#sa-4_smt.c"/>
             <p>privacy assurance requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sa-4_smt.c"/>
         </part>
         <part id="sa-4_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04d."/>
-          <link rel="depends-on" href="#sa-4_smt.d"/>
           <part id="sa-4_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04d.[01]"/>
-            <link rel="depends-on" href="#sa-4_smt.d"/>
             <p>controls needed to satisfy the security requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.d"/>
           </part>
           <part id="sa-4_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04d.[02]"/>
-            <link rel="depends-on" href="#sa-4_smt.d"/>
             <p>controls needed to satisfy the privacy requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.d"/>
           </part>
+          <link rel="depends-on" href="#sa-4_smt.d"/>
         </part>
         <part id="sa-4_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04e."/>
-          <link rel="depends-on" href="#sa-4_smt.e"/>
           <part id="sa-4_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04e.[01]"/>
-            <link rel="depends-on" href="#sa-4_smt.e"/>
             <p>security documentation requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.e"/>
           </part>
           <part id="sa-4_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04e.[02]"/>
-            <link rel="depends-on" href="#sa-4_smt.e"/>
             <p>privacy documentation requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.e"/>
           </part>
+          <link rel="depends-on" href="#sa-4_smt.e"/>
         </part>
         <part id="sa-4_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04f."/>
-          <link rel="depends-on" href="#sa-4_smt.f"/>
           <part id="sa-4_obj.f-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04f.[01]"/>
-            <link rel="depends-on" href="#sa-4_smt.f"/>
             <p>requirements for protecting security documentation, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.f"/>
           </part>
           <part id="sa-4_obj.f-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04f.[02]"/>
-            <link rel="depends-on" href="#sa-4_smt.f"/>
             <p>requirements for protecting privacy documentation, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.f"/>
           </part>
+          <link rel="depends-on" href="#sa-4_smt.f"/>
         </part>
         <part id="sa-4_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04g."/>
-          <link rel="depends-on" href="#sa-4_smt.g"/>
           <p>the description of the system development environment and environment in which the system is intended to operate, requirements, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+          <link rel="depends-on" href="#sa-4_smt.g"/>
         </part>
         <part id="sa-4_obj.h" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04h."/>
-          <link rel="depends-on" href="#sa-4_smt.h"/>
           <part id="sa-4_obj.h-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04h.[01]"/>
-            <link rel="depends-on" href="#sa-4_smt.h"/>
             <p>the allocation of responsibility or identification of parties responsible for information security requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service;</p>
+            <link rel="depends-on" href="#sa-4_smt.h"/>
           </part>
           <part id="sa-4_obj.h-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04h.[02]"/>
-            <link rel="depends-on" href="#sa-4_smt.h"/>
             <p>the allocation of responsibility or identification of parties responsible for privacy requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/>;</p>
+            <link rel="depends-on" href="#sa-4_smt.h"/>
           </part>
           <part id="sa-4_obj.h-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04h.[03]"/>
-            <link rel="depends-on" href="#sa-4_smt.h"/>
             <p>the allocation of responsibility or identification of parties responsible for supply chain risk management requirements, descriptions, and criteria are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/>;</p>
+            <link rel="depends-on" href="#sa-4_smt.h"/>
           </part>
+          <link rel="depends-on" href="#sa-4_smt.h"/>
         </part>
         <part id="sa-4_obj.i" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04i."/>
-          <link rel="depends-on" href="#sa-4_smt.i"/>
           <p>acceptance criteria requirements and descriptions are included explicitly or by reference using <insert type="param" id-ref="sa-04_odp.01"/> in the acquisition contract for the system, system component, or system service.</p>
+          <link rel="depends-on" href="#sa-4_smt.i"/>
         </part>
+        <link rel="depends-on" href="#sa-4_smt"/>
       </part>
       <part id="sa-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56325,8 +56325,8 @@
         </part>
         <part id="sa-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(01)"/>
-          <link rel="depends-on" href="#sa-4.1_smt"/>
           <p>the developer of the system, system component, or system service is required to provide a description of the functional properties of the controls to be implemented.</p>
+          <link rel="depends-on" href="#sa-4.1_smt"/>
         </part>
         <part id="sa-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56405,8 +56405,8 @@
         </part>
         <part id="sa-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(02)"/>
-          <link rel="depends-on" href="#sa-4.2_smt"/>
           <p>the developer of the system, system component, or system service is required to provide design and implementation information for the controls that includes using <insert type="param" id-ref="sa-04.02_odp.01"/> at <insert type="param" id-ref="sa-04.02_odp.03"/>.</p>
+          <link rel="depends-on" href="#sa-4.2_smt"/>
         </part>
         <part id="sa-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56533,22 +56533,22 @@
         </part>
         <part id="sa-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(03)"/>
-          <link rel="depends-on" href="#sa-4.3_smt"/>
           <part id="sa-4.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(03)(a)"/>
-            <link rel="depends-on" href="#sa-4.3_smt.a"/>
             <p>the developer of the system, system component, or system service is required to demonstrate the use of a system development life cycle process that includes <insert type="param" id-ref="sa-04.03_odp.01"/>;</p>
+            <link rel="depends-on" href="#sa-4.3_smt.a"/>
           </part>
           <part id="sa-4.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(03)(b)"/>
-            <link rel="depends-on" href="#sa-4.3_smt.b"/>
             <p>the developer of the system, system component, or system service is required to demonstrate the use of a system development life cycle process that includes <insert type="param" id-ref="sa-04.03_odp.02"/>;</p>
+            <link rel="depends-on" href="#sa-4.3_smt.b"/>
           </part>
           <part id="sa-4.3_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(03)(c)"/>
-            <link rel="depends-on" href="#sa-4.3_smt.c"/>
             <p>the developer of the system, system component, or system service is required to demonstrate the use of a system development life cycle process that includes <insert type="param" id-ref="sa-04.03_odp.05"/>.</p>
+            <link rel="depends-on" href="#sa-4.3_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sa-4.3_smt"/>
         </part>
         <part id="sa-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56627,17 +56627,17 @@
         </part>
         <part id="sa-4.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(05)"/>
-          <link rel="depends-on" href="#sa-4.5_smt"/>
           <part id="sa-4.5_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(05)(a)"/>
-            <link rel="depends-on" href="#sa-4.5_smt.a"/>
             <p>the developer of the system, system component, or system service is required to deliver the system, component, or service with <insert type="param" id-ref="sa-04.05_odp"/> implemented;</p>
+            <link rel="depends-on" href="#sa-4.5_smt.a"/>
           </part>
           <part id="sa-4.5_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(05)(b)"/>
-            <link rel="depends-on" href="#sa-4.5_smt.b"/>
             <p>the configurations are used as the default for any subsequent system, component, or service reinstallation or upgrade.</p>
+            <link rel="depends-on" href="#sa-4.5_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-4.5_smt"/>
         </part>
         <part id="sa-4.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56698,17 +56698,17 @@
         </part>
         <part id="sa-4.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(06)"/>
-          <link rel="depends-on" href="#sa-4.6_smt"/>
           <part id="sa-4.6_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(06)(a)"/>
-            <link rel="depends-on" href="#sa-4.6_smt.a"/>
             <p>only government off-the-shelf or commercial off-the-shelf information assurance and information assurance-enabled information technology products that compose an NSA-approved solution to protect classified information when the networks used to transmit the information are at a lower classification level than the information being transmitted are employed;</p>
+            <link rel="depends-on" href="#sa-4.6_smt.a"/>
           </part>
           <part id="sa-4.6_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(06)(b)"/>
-            <link rel="depends-on" href="#sa-4.6_smt.b"/>
             <p>these products have been evaluated and/or validated by NSA or in accordance with NSA-approved procedures.</p>
+            <link rel="depends-on" href="#sa-4.6_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-4.6_smt"/>
         </part>
         <part id="sa-4.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56772,17 +56772,17 @@
         </part>
         <part id="sa-4.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(07)"/>
-          <link rel="depends-on" href="#sa-4.7_smt"/>
           <part id="sa-4.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(07)(a)"/>
-            <link rel="depends-on" href="#sa-4.7_smt.a"/>
             <p>the use of commercially provided information assurance and information assurance-enabled information technology products is limited to those products that have been successfully evaluated against a National Information Assurance partnership (NIAP)-approved Protection Profile for a specific technology type, if such a profile exists;</p>
+            <link rel="depends-on" href="#sa-4.7_smt.a"/>
           </part>
           <part id="sa-4.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(07)(b)"/>
-            <link rel="depends-on" href="#sa-4.7_smt.b"/>
             <p>if no NIAP-approved Protection Profile exists for a specific technology type but a commercially provided information technology product relies on cryptographic functionality to enforce its security policy, that cryptographic module is required to be FIPS-validated or NSA-approved.</p>
+            <link rel="depends-on" href="#sa-4.7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-4.7_smt"/>
         </part>
         <part id="sa-4.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56836,8 +56836,8 @@
         </part>
         <part id="sa-4.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(08)"/>
-          <link rel="depends-on" href="#sa-4.8_smt"/>
           <p>the developer of the system, system component, or system service is required to produce a plan for the continuous monitoring of control effectiveness that is consistent with the continuous monitoring program of the organization.</p>
+          <link rel="depends-on" href="#sa-4.8_smt"/>
         </part>
         <part id="sa-4.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56893,27 +56893,27 @@
         </part>
         <part id="sa-4.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(09)"/>
-          <link rel="depends-on" href="#sa-4.9_smt"/>
           <part id="sa-4.9_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(09)[01]"/>
-            <link rel="depends-on" href="#sa-4.9_smt"/>
             <p>the developer of the system, system component, or system service is required to identify the functions intended for organizational use;</p>
+            <link rel="depends-on" href="#sa-4.9_smt"/>
           </part>
           <part id="sa-4.9_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(09)[02]"/>
-            <link rel="depends-on" href="#sa-4.9_smt"/>
             <p>the developer of the system, system component, or system service is required to identify the ports intended for organizational use;</p>
+            <link rel="depends-on" href="#sa-4.9_smt"/>
           </part>
           <part id="sa-4.9_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(09)[03]"/>
-            <link rel="depends-on" href="#sa-4.9_smt"/>
             <p>the developer of the system, system component, or system service is required to identify the protocols intended for organizational use;</p>
+            <link rel="depends-on" href="#sa-4.9_smt"/>
           </part>
           <part id="sa-4.9_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(09)[04]"/>
-            <link rel="depends-on" href="#sa-4.9_smt"/>
             <p>the developer of the system, system component, or system service is required to identify the services intended for organizational use.</p>
+            <link rel="depends-on" href="#sa-4.9_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-4.9_smt"/>
         </part>
         <part id="sa-4.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -56964,8 +56964,8 @@
         </part>
         <part id="sa-4.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(10)"/>
-          <link rel="depends-on" href="#sa-4.10_smt"/>
           <p>only information technology products on the FIPS 201-approved products list for the Personal Identity Verification (PIV) capability implemented within organizational systems are employed.</p>
+          <link rel="depends-on" href="#sa-4.10_smt"/>
         </part>
         <part id="sa-4.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57026,8 +57026,8 @@
         </part>
         <part id="sa-4.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(11)"/>
-          <link rel="depends-on" href="#sa-4.11_smt"/>
           <p><insert type="param" id-ref="sa-04.11_odp"/> are defined in the acquisition contract for the operation of a system of records on behalf of an organization to accomplish an organizational mission or function.</p>
+          <link rel="depends-on" href="#sa-4.11_smt"/>
         </part>
         <part id="sa-4.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57097,17 +57097,17 @@
         </part>
         <part id="sa-4.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-04(12)"/>
-          <link rel="depends-on" href="#sa-4.12_smt"/>
           <part id="sa-4.12_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(12)(a)"/>
-            <link rel="depends-on" href="#sa-4.12_smt.a"/>
             <p>organizational data ownership requirements are included in the acquisition contract;</p>
+            <link rel="depends-on" href="#sa-4.12_smt.a"/>
           </part>
           <part id="sa-4.12_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-04(12)(b)"/>
-            <link rel="depends-on" href="#sa-4.12_smt.b"/>
             <p>all data to be removed from the contractor’s system and returned to the organization is required within <insert type="param" id-ref="sa-04.12_odp"/>.</p>
+            <link rel="depends-on" href="#sa-4.12_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-4.12_smt"/>
         </part>
         <part id="sa-4.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57241,143 +57241,143 @@
       </part>
       <part id="sa-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-05"/>
-        <link rel="depends-on" href="#sa-5_smt"/>
         <part id="sa-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-05a."/>
-          <link rel="depends-on" href="#sa-5_smt.a"/>
           <part id="sa-5_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05a.01"/>
-            <link rel="depends-on" href="#sa-5_smt.a.1"/>
             <part id="sa-5_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.01[01]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.1"/>
               <p>administrator documentation for the system, system component, or system service that describes the secure configuration of the system, component, or service is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.1"/>
             </part>
             <part id="sa-5_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.01[02]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.1"/>
               <p>administrator documentation for the system, system component, or system service that describes the secure installation of the system, component, or service is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.1"/>
             </part>
             <part id="sa-5_obj.a.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.01[03]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.1"/>
               <p>administrator documentation for the system, system component, or system service that describes the secure operation of the system, component, or service is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#sa-5_smt.a.1"/>
           </part>
           <part id="sa-5_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05a.02"/>
-            <link rel="depends-on" href="#sa-5_smt.a.2"/>
             <part id="sa-5_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.02[01]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.2"/>
               <p>administrator documentation for the system, system component, or system service that describes the effective use of security functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.2"/>
             </part>
             <part id="sa-5_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.02[02]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.2"/>
               <p>administrator documentation for the system, system component, or system service that describes the effective maintenance of security functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.2"/>
             </part>
             <part id="sa-5_obj.a.2-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.02[03]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.2"/>
               <p>administrator documentation for the system, system component, or system service that describes the effective use of privacy functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.2"/>
             </part>
             <part id="sa-5_obj.a.2-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.02[04]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.2"/>
               <p>administrator documentation for the system, system component, or system service that describes the effective maintenance of privacy functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#sa-5_smt.a.2"/>
           </part>
           <part id="sa-5_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05a.03"/>
-            <link rel="depends-on" href="#sa-5_smt.a.3"/>
             <part id="sa-5_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.03[01]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.3"/>
               <p>administrator documentation for the system, system component, or system service that describes known vulnerabilities regarding the configuration of administrative or privileged functions is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.3"/>
             </part>
             <part id="sa-5_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05a.03[02]"/>
-              <link rel="depends-on" href="#sa-5_smt.a.3"/>
               <p>administrator documentation for the system, system component, or system service that describes known vulnerabilities regarding the use of administrative or privileged functions is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#sa-5_smt.a.3"/>
           </part>
+          <link rel="depends-on" href="#sa-5_smt.a"/>
         </part>
         <part id="sa-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-05b."/>
-          <link rel="depends-on" href="#sa-5_smt.b"/>
           <part id="sa-5_obj.b.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05b.01"/>
-            <link rel="depends-on" href="#sa-5_smt.b.1"/>
             <part id="sa-5_obj.b.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.01[01]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.1"/>
               <p>user documentation for the system, system component, or system service that describes user-accessible security functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.1"/>
             </part>
             <part id="sa-5_obj.b.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.01[02]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.1"/>
               <p>user documentation for the system, system component, or system service that describes how to effectively use those (user-accessible security) functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.1"/>
             </part>
             <part id="sa-5_obj.b.1-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.01[03]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.1"/>
               <p>user documentation for the system, system component, or system service that describes user-accessible privacy functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.1"/>
             </part>
             <part id="sa-5_obj.b.1-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.01[04]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.1"/>
               <p>user documentation for the system, system component, or system service that describes how to effectively use those (user-accessible privacy) functions and mechanisms is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.1"/>
             </part>
+            <link rel="depends-on" href="#sa-5_smt.b.1"/>
           </part>
           <part id="sa-5_obj.b.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05b.02"/>
-            <link rel="depends-on" href="#sa-5_smt.b.2"/>
             <part id="sa-5_obj.b.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.02[01]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.2"/>
               <p>user documentation for the system, system component, or system service that describes methods for user interaction, which enable individuals to use the system, component, or service in a more secure manner is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.2"/>
             </part>
             <part id="sa-5_obj.b.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.02[02]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.2"/>
               <p>user documentation for the system, system component, or system service that describes methods for user interaction, which enable individuals to use the system, component, or service to protect individual privacy is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.2"/>
             </part>
+            <link rel="depends-on" href="#sa-5_smt.b.2"/>
           </part>
           <part id="sa-5_obj.b.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05b.03"/>
-            <link rel="depends-on" href="#sa-5_smt.b.3"/>
             <part id="sa-5_obj.b.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.03[01]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.3"/>
               <p>user documentation for the system, system component, or system service that describes user responsibilities for maintaining the security of the system, component, or service is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.3"/>
             </part>
             <part id="sa-5_obj.b.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-05b.03[02]"/>
-              <link rel="depends-on" href="#sa-5_smt.b.3"/>
               <p>user documentation for the system, system component, or system service that describes user responsibilities for maintaining the privacy of individuals is obtained or developed;</p>
+              <link rel="depends-on" href="#sa-5_smt.b.3"/>
             </part>
+            <link rel="depends-on" href="#sa-5_smt.b.3"/>
           </part>
+          <link rel="depends-on" href="#sa-5_smt.b"/>
         </part>
         <part id="sa-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-05c."/>
-          <link rel="depends-on" href="#sa-5_smt.c"/>
           <part id="sa-5_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05c.[01]"/>
-            <link rel="depends-on" href="#sa-5_smt.c"/>
             <p>attempts to obtain system, system component, or system service documentation when such documentation is either unavailable or nonexistent is documented;</p>
+            <link rel="depends-on" href="#sa-5_smt.c"/>
           </part>
           <part id="sa-5_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-05c.[02]"/>
-            <link rel="depends-on" href="#sa-5_smt.c"/>
             <p>after attempts to obtain system, system component, or system service documentation when such documentation is either unavailable or nonexistent, <insert type="param" id-ref="sa-05_odp.01"/> are taken in response;</p>
+            <link rel="depends-on" href="#sa-5_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sa-5_smt.c"/>
         </part>
         <part id="sa-5_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-05d."/>
-          <link rel="depends-on" href="#sa-5_smt.d"/>
           <p>documentation is distributed to <insert type="param" id-ref="sa-05_odp.02"/>.</p>
+          <link rel="depends-on" href="#sa-5_smt.d"/>
         </part>
+        <link rel="depends-on" href="#sa-5_smt"/>
       </part>
       <part id="sa-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57539,57 +57539,57 @@
       </part>
       <part id="sa-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-08"/>
-        <link rel="depends-on" href="#sa-8_smt"/>
         <part id="sa-8_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[01]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.01"/> are applied in the specification of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[02]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.01"/> are applied in the design of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[03]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.01"/> are applied in the development of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[04]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.01"/> are applied in the implementation of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-5" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[05]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.01"/> are applied in the modification of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-6" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[06]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.02"/> are applied in the specification of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-7" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[07]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.02"/> are applied in the design of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-8" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[08]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.02"/> are applied in the development of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-9" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[09]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.02"/> are applied in the implementation of the system and system components;</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
         <part id="sa-8_obj-10" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08[10]"/>
-          <link rel="depends-on" href="#sa-8_smt"/>
           <p><insert type="param" id-ref="sa-08_odp.02"/> are applied in the modification of the system and system components.</p>
+          <link rel="depends-on" href="#sa-8_smt"/>
         </part>
+        <link rel="depends-on" href="#sa-8_smt"/>
       </part>
       <part id="sa-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57643,8 +57643,8 @@
         </part>
         <part id="sa-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(01)"/>
-          <link rel="depends-on" href="#sa-8.1_smt"/>
           <p>the security design principle of clear abstractions is implemented.</p>
+          <link rel="depends-on" href="#sa-8.1_smt"/>
         </part>
         <part id="sa-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57703,8 +57703,8 @@
         </part>
         <part id="sa-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(02)"/>
-          <link rel="depends-on" href="#sa-8.2_smt"/>
           <p><insert type="param" id-ref="sa-08.02_odp"/> implement the security design principle of least common mechanism.</p>
+          <link rel="depends-on" href="#sa-8.2_smt"/>
         </part>
         <part id="sa-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57776,17 +57776,17 @@
         </part>
         <part id="sa-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(03)"/>
-          <link rel="depends-on" href="#sa-8.3_smt"/>
           <part id="sa-8.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-08(03)[01]"/>
-            <link rel="depends-on" href="#sa-8.3_smt"/>
             <p><insert type="param" id-ref="sa-08.03_odp.01"/> implement the security design principle of modularity;</p>
+            <link rel="depends-on" href="#sa-8.3_smt"/>
           </part>
           <part id="sa-8.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-08(03)[02]"/>
-            <link rel="depends-on" href="#sa-8.3_smt"/>
             <p><insert type="param" id-ref="sa-08.03_odp.02"/> implement the security design principle of layering.</p>
+            <link rel="depends-on" href="#sa-8.3_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-8.3_smt"/>
         </part>
         <part id="sa-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57846,8 +57846,8 @@
         </part>
         <part id="sa-8.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(04)"/>
-          <link rel="depends-on" href="#sa-8.4_smt"/>
           <p><insert type="param" id-ref="sa-08.04_odp"/> implement the security design principle of partially ordered dependencies.</p>
+          <link rel="depends-on" href="#sa-8.4_smt"/>
         </part>
         <part id="sa-8.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57907,8 +57907,8 @@
         </part>
         <part id="sa-8.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(05)"/>
-          <link rel="depends-on" href="#sa-8.5_smt"/>
           <p><insert type="param" id-ref="sa-08.05_odp"/> implement the security design principle of efficiently mediated access.</p>
+          <link rel="depends-on" href="#sa-8.5_smt"/>
         </part>
         <part id="sa-8.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -57969,8 +57969,8 @@
         </part>
         <part id="sa-8.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(06)"/>
-          <link rel="depends-on" href="#sa-8.6_smt"/>
           <p><insert type="param" id-ref="sa-08.06_odp"/> implement the security design principle of minimized sharing.</p>
+          <link rel="depends-on" href="#sa-8.6_smt"/>
         </part>
         <part id="sa-8.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58029,8 +58029,8 @@
         </part>
         <part id="sa-8.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(07)"/>
-          <link rel="depends-on" href="#sa-8.7_smt"/>
           <p><insert type="param" id-ref="sa-08.07_odp"/> implement the security design principle of reduced complexity.</p>
+          <link rel="depends-on" href="#sa-8.7_smt"/>
         </part>
         <part id="sa-8.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58090,8 +58090,8 @@
         </part>
         <part id="sa-8.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(08)"/>
-          <link rel="depends-on" href="#sa-8.8_smt"/>
           <p><insert type="param" id-ref="sa-08.08_odp"/> implement the security design principle of secure evolvability.</p>
+          <link rel="depends-on" href="#sa-8.8_smt"/>
         </part>
         <part id="sa-8.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58151,8 +58151,8 @@
         </part>
         <part id="sa-8.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(09)"/>
-          <link rel="depends-on" href="#sa-8.9_smt"/>
           <p><insert type="param" id-ref="sa-08.09_odp"/> implement the security design principle of trusted components.</p>
+          <link rel="depends-on" href="#sa-8.9_smt"/>
         </part>
         <part id="sa-8.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58214,8 +58214,8 @@
         </part>
         <part id="sa-8.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(10)"/>
-          <link rel="depends-on" href="#sa-8.10_smt"/>
           <p><insert type="param" id-ref="sa-08.10_odp"/> implement the security design principle of hierarchical trust.</p>
+          <link rel="depends-on" href="#sa-8.10_smt"/>
         </part>
         <part id="sa-8.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58274,8 +58274,8 @@
         </part>
         <part id="sa-8.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(11)"/>
-          <link rel="depends-on" href="#sa-8.11_smt"/>
           <p><insert type="param" id-ref="sa-08.11_odp"/> implement the security design principle of inverse modification threshold.</p>
+          <link rel="depends-on" href="#sa-8.11_smt"/>
         </part>
         <part id="sa-8.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58334,8 +58334,8 @@
         </part>
         <part id="sa-8.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(12)"/>
-          <link rel="depends-on" href="#sa-8.12_smt"/>
           <p><insert type="param" id-ref="sa-08.12_odp"/> implement the security design principle of hierarchical protection.</p>
+          <link rel="depends-on" href="#sa-8.12_smt"/>
         </part>
         <part id="sa-8.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58394,8 +58394,8 @@
         </part>
         <part id="sa-8.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(13)"/>
-          <link rel="depends-on" href="#sa-8.13_smt"/>
           <p><insert type="param" id-ref="sa-08.13_odp"/> implement the security design principle of minimized security elements.</p>
+          <link rel="depends-on" href="#sa-8.13_smt"/>
         </part>
         <part id="sa-8.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58457,8 +58457,8 @@
         </part>
         <part id="sa-8.14_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(14)"/>
-          <link rel="depends-on" href="#sa-8.14_smt"/>
           <p><insert type="param" id-ref="sa-08.14_odp"/> implement the security design principle of least privilege.</p>
+          <link rel="depends-on" href="#sa-8.14_smt"/>
         </part>
         <part id="sa-8.14_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58518,8 +58518,8 @@
         </part>
         <part id="sa-8.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(15)"/>
-          <link rel="depends-on" href="#sa-8.15_smt"/>
           <p><insert type="param" id-ref="sa-08.15_odp"/> implement the security design principle of predicate permission.</p>
+          <link rel="depends-on" href="#sa-8.15_smt"/>
         </part>
         <part id="sa-8.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58578,8 +58578,8 @@
         </part>
         <part id="sa-8.16_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(16)"/>
-          <link rel="depends-on" href="#sa-8.16_smt"/>
           <p><insert type="param" id-ref="sa-08.16_odp"/> implement the security design principle of self-reliant trustworthiness.</p>
+          <link rel="depends-on" href="#sa-8.16_smt"/>
         </part>
         <part id="sa-8.16_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58638,8 +58638,8 @@
         </part>
         <part id="sa-8.17_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(17)"/>
-          <link rel="depends-on" href="#sa-8.17_smt"/>
           <p><insert type="param" id-ref="sa-08.17_odp"/> implement the security design principle of secure distributed composition.</p>
+          <link rel="depends-on" href="#sa-8.17_smt"/>
         </part>
         <part id="sa-8.17_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58701,8 +58701,8 @@
         </part>
         <part id="sa-8.18_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(18)"/>
-          <link rel="depends-on" href="#sa-8.18_smt"/>
           <p><insert type="param" id-ref="sa-08.18_odp"/> implement the security design principle of trusted communications channels.</p>
+          <link rel="depends-on" href="#sa-8.18_smt"/>
         </part>
         <part id="sa-8.18_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58763,8 +58763,8 @@
         </part>
         <part id="sa-8.19_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(19)"/>
-          <link rel="depends-on" href="#sa-8.19_smt"/>
           <p><insert type="param" id-ref="sa-08.19_odp"/> implement the security design principle of continuous protection.</p>
+          <link rel="depends-on" href="#sa-8.19_smt"/>
         </part>
         <part id="sa-8.19_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58833,8 +58833,8 @@
         </part>
         <part id="sa-8.20_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(20)"/>
-          <link rel="depends-on" href="#sa-8.20_smt"/>
           <p><insert type="param" id-ref="sa-08.20_odp"/> implement the security design principle of secure metadata management.</p>
+          <link rel="depends-on" href="#sa-8.20_smt"/>
         </part>
         <part id="sa-8.20_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58894,8 +58894,8 @@
         </part>
         <part id="sa-8.21_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(21)"/>
-          <link rel="depends-on" href="#sa-8.21_smt"/>
           <p><insert type="param" id-ref="sa-08.21_odp"/> implement the security design principle of self-analysis.</p>
+          <link rel="depends-on" href="#sa-8.21_smt"/>
         </part>
         <part id="sa-8.21_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -58974,17 +58974,17 @@
         </part>
         <part id="sa-8.22_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(22)"/>
-          <link rel="depends-on" href="#sa-8.22_smt"/>
           <part id="sa-8.22_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-08(22)[01]"/>
-            <link rel="depends-on" href="#sa-8.22_smt"/>
             <p><insert type="param" id-ref="sa-08.22_odp.01"/> implement the security design principle of accountability;</p>
+            <link rel="depends-on" href="#sa-8.22_smt"/>
           </part>
           <part id="sa-8.22_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-08(22)[02]"/>
-            <link rel="depends-on" href="#sa-8.22_smt"/>
             <p><insert type="param" id-ref="sa-08.22_odp.02"/> implement the security design principle of traceability.</p>
+            <link rel="depends-on" href="#sa-8.22_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-8.22_smt"/>
         </part>
         <part id="sa-8.22_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59060,8 +59060,8 @@
         </part>
         <part id="sa-8.23_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(23)"/>
-          <link rel="depends-on" href="#sa-8.23_smt"/>
           <p><insert type="param" id-ref="sa-08.23_odp"/> implement the security design principle of secure defaults.</p>
+          <link rel="depends-on" href="#sa-8.23_smt"/>
         </part>
         <part id="sa-8.23_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59149,17 +59149,17 @@
         </part>
         <part id="sa-8.24_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(24)"/>
-          <link rel="depends-on" href="#sa-8.24_smt"/>
           <part id="sa-8.24_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-08(24)[01]"/>
-            <link rel="depends-on" href="#sa-8.24_smt"/>
             <p><insert type="param" id-ref="sa-08.24_odp.01"/> implement the security design principle of secure failure;</p>
+            <link rel="depends-on" href="#sa-8.24_smt"/>
           </part>
           <part id="sa-8.24_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-08(24)[02]"/>
-            <link rel="depends-on" href="#sa-8.24_smt"/>
             <p><insert type="param" id-ref="sa-08.24_odp.02"/> implement the security design principle of secure recovery.</p>
+            <link rel="depends-on" href="#sa-8.24_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-8.24_smt"/>
         </part>
         <part id="sa-8.24_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59235,8 +59235,8 @@
         </part>
         <part id="sa-8.25_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(25)"/>
-          <link rel="depends-on" href="#sa-8.25_smt"/>
           <p><insert type="param" id-ref="sa-08.25_odp"/> implement the security design principle of economic security.</p>
+          <link rel="depends-on" href="#sa-8.25_smt"/>
         </part>
         <part id="sa-8.25_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59301,8 +59301,8 @@
         </part>
         <part id="sa-8.26_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(26)"/>
-          <link rel="depends-on" href="#sa-8.26_smt"/>
           <p><insert type="param" id-ref="sa-08.26_odp"/> implement the security design principle of performance security.</p>
+          <link rel="depends-on" href="#sa-8.26_smt"/>
         </part>
         <part id="sa-8.26_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59362,8 +59362,8 @@
         </part>
         <part id="sa-8.27_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(27)"/>
-          <link rel="depends-on" href="#sa-8.27_smt"/>
           <p><insert type="param" id-ref="sa-08.27_odp"/> implement the security design principle of human factored security.</p>
+          <link rel="depends-on" href="#sa-8.27_smt"/>
         </part>
         <part id="sa-8.27_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59425,8 +59425,8 @@
         </part>
         <part id="sa-8.28_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(28)"/>
-          <link rel="depends-on" href="#sa-8.28_smt"/>
           <p><insert type="param" id-ref="sa-08.28_odp"/> implement the security design principle of acceptable security.</p>
+          <link rel="depends-on" href="#sa-8.28_smt"/>
         </part>
         <part id="sa-8.28_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59499,8 +59499,8 @@
         </part>
         <part id="sa-8.29_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(29)"/>
-          <link rel="depends-on" href="#sa-8.29_smt"/>
           <p><insert type="param" id-ref="sa-08.29_odp"/> implement the security design principle of repeatable and documented procedures.</p>
+          <link rel="depends-on" href="#sa-8.29_smt"/>
         </part>
         <part id="sa-8.29_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59562,8 +59562,8 @@
         </part>
         <part id="sa-8.30_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(30)"/>
-          <link rel="depends-on" href="#sa-8.30_smt"/>
           <p><insert type="param" id-ref="sa-08.30_odp"/> implement the security design principle of procedural rigor.</p>
+          <link rel="depends-on" href="#sa-8.30_smt"/>
         </part>
         <part id="sa-8.30_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59625,8 +59625,8 @@
         </part>
         <part id="sa-8.31_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(31)"/>
-          <link rel="depends-on" href="#sa-8.31_smt"/>
           <p><insert type="param" id-ref="sa-08.31_odp"/> implement the security design principle of secure system modification.</p>
+          <link rel="depends-on" href="#sa-8.31_smt"/>
         </part>
         <part id="sa-8.31_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59694,8 +59694,8 @@
         </part>
         <part id="sa-8.32_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(32)"/>
-          <link rel="depends-on" href="#sa-8.32_smt"/>
           <p><insert type="param" id-ref="sa-08.32_odp"/> implement the security design principle of sufficient documentation.</p>
+          <link rel="depends-on" href="#sa-8.32_smt"/>
         </part>
         <part id="sa-8.32_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59764,8 +59764,8 @@
         </part>
         <part id="sa-8.33_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-08(33)"/>
-          <link rel="depends-on" href="#sa-8.33_smt"/>
           <p>the privacy principle of minimization is implemented using <insert type="param" id-ref="sa-08.33_odp"/>.</p>
+          <link rel="depends-on" href="#sa-8.33_smt"/>
         </part>
         <part id="sa-8.33_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59868,45 +59868,45 @@
       </part>
       <part id="sa-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-09"/>
-        <link rel="depends-on" href="#sa-9_smt"/>
         <part id="sa-9_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09a."/>
-          <link rel="depends-on" href="#sa-9_smt.a"/>
           <part id="sa-9_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09a.[01]"/>
-            <link rel="depends-on" href="#sa-9_smt.a"/>
             <p>providers of external system services comply with organizational security requirements;</p>
+            <link rel="depends-on" href="#sa-9_smt.a"/>
           </part>
           <part id="sa-9_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09a.[02]"/>
-            <link rel="depends-on" href="#sa-9_smt.a"/>
             <p>providers of external system services comply with organizational privacy requirements;</p>
+            <link rel="depends-on" href="#sa-9_smt.a"/>
           </part>
           <part id="sa-9_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09a.[03]"/>
-            <link rel="depends-on" href="#sa-9_smt.a"/>
             <p>providers of external system services employ <insert type="param" id-ref="sa-09_odp.01"/>;</p>
+            <link rel="depends-on" href="#sa-9_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sa-9_smt.a"/>
         </part>
         <part id="sa-9_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09b."/>
-          <link rel="depends-on" href="#sa-9_smt.b"/>
           <part id="sa-9_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09b.[01]"/>
-            <link rel="depends-on" href="#sa-9_smt.b"/>
             <p>organizational oversight with regard to external system services are defined and documented;</p>
+            <link rel="depends-on" href="#sa-9_smt.b"/>
           </part>
           <part id="sa-9_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09b.[02]"/>
-            <link rel="depends-on" href="#sa-9_smt.b"/>
             <p>user roles and responsibilities with regard to external system services are defined and documented;</p>
+            <link rel="depends-on" href="#sa-9_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-9_smt.b"/>
         </part>
         <part id="sa-9_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09c."/>
-          <link rel="depends-on" href="#sa-9_smt.c"/>
           <p><insert type="param" id-ref="sa-09_odp.02"/> are employed to monitor control compliance by external service providers on an ongoing basis.</p>
+          <link rel="depends-on" href="#sa-9_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sa-9_smt"/>
       </part>
       <part id="sa-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -59980,17 +59980,17 @@
         </part>
         <part id="sa-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(01)"/>
-          <link rel="depends-on" href="#sa-9.1_smt"/>
           <part id="sa-9.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09(01)(a)"/>
-            <link rel="depends-on" href="#sa-9.1_smt.a"/>
             <p>an organizational assessment of risk is conducted prior to the acquisition or outsourcing of information security services;</p>
+            <link rel="depends-on" href="#sa-9.1_smt.a"/>
           </part>
           <part id="sa-9.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09(01)(b)"/>
-            <link rel="depends-on" href="#sa-9.1_smt.b"/>
             <p><insert type="param" id-ref="sa-09.01_odp"/> approve the acquisition or outsourcing of dedicated information security services.</p>
+            <link rel="depends-on" href="#sa-9.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-9.1_smt"/>
         </part>
         <part id="sa-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60056,8 +60056,8 @@
         </part>
         <part id="sa-9.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(02)"/>
-          <link rel="depends-on" href="#sa-9.2_smt"/>
           <p>providers of <insert type="param" id-ref="sa-09.02_odp"/> are required to identify the functions, ports, protocols, and other services required for the use of such services.</p>
+          <link rel="depends-on" href="#sa-9.2_smt"/>
         </part>
         <part id="sa-9.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60123,27 +60123,27 @@
         </part>
         <part id="sa-9.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(03)"/>
-          <link rel="depends-on" href="#sa-9.3_smt"/>
           <part id="sa-9.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09(03)[01]"/>
-            <link rel="depends-on" href="#sa-9.3_smt"/>
             <p>trust relationships with external service provides based on <insert type="param" id-ref="sa-09.03_odp.01"/> are established and documented;</p>
+            <link rel="depends-on" href="#sa-9.3_smt"/>
           </part>
           <part id="sa-9.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09(03)[02]"/>
-            <link rel="depends-on" href="#sa-9.3_smt"/>
             <p>trust relationships with external service provides based on <insert type="param" id-ref="sa-09.03_odp.01"/> are maintained;</p>
+            <link rel="depends-on" href="#sa-9.3_smt"/>
           </part>
           <part id="sa-9.3_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09(03)[03]"/>
-            <link rel="depends-on" href="#sa-9.3_smt"/>
             <p>trust relationships with external service provides based on <insert type="param" id-ref="sa-09.03_odp.02"/> are established and documented;</p>
+            <link rel="depends-on" href="#sa-9.3_smt"/>
           </part>
           <part id="sa-9.3_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-09(03)[04]"/>
-            <link rel="depends-on" href="#sa-9.3_smt"/>
             <p>trust relationships with external service provides based on <insert type="param" id-ref="sa-09.03_odp.02"/> are maintained.</p>
+            <link rel="depends-on" href="#sa-9.3_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-9.3_smt"/>
         </part>
         <part id="sa-9.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60208,8 +60208,8 @@
         </part>
         <part id="sa-9.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(04)"/>
-          <link rel="depends-on" href="#sa-9.4_smt"/>
           <p><insert type="param" id-ref="sa-09.04_odp.02"/> are taken to verify that the interests of <insert type="param" id-ref="sa-09.04_odp.01"/> are consistent with and reflect organizational interests.</p>
+          <link rel="depends-on" href="#sa-9.4_smt"/>
         </part>
         <part id="sa-9.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60292,8 +60292,8 @@
         </part>
         <part id="sa-9.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(05)"/>
-          <link rel="depends-on" href="#sa-9.5_smt"/>
           <p>based on <insert type="param" id-ref="sa-09.05_odp.03"/>, <insert type="param" id-ref="sa-09.05_odp.01"/> is/are restricted to <insert type="param" id-ref="sa-09.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#sa-9.5_smt"/>
         </part>
         <part id="sa-9.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60352,8 +60352,8 @@
         </part>
         <part id="sa-9.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(06)"/>
-          <link rel="depends-on" href="#sa-9.6_smt"/>
           <p>exclusive control of cryptographic keys is maintained for encrypted material stored or transmitted through an external system.</p>
+          <link rel="depends-on" href="#sa-9.6_smt"/>
         </part>
         <part id="sa-9.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60409,8 +60409,8 @@
         </part>
         <part id="sa-9.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(07)"/>
-          <link rel="depends-on" href="#sa-9.7_smt"/>
           <p>the capability is provided to check the integrity of information while it resides in the external system.</p>
+          <link rel="depends-on" href="#sa-9.7_smt"/>
         </part>
         <part id="sa-9.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60468,8 +60468,8 @@
         </part>
         <part id="sa-9.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-09(08)"/>
-          <link rel="depends-on" href="#sa-9.8_smt"/>
           <p>the geographic location of information processing and data storage is restricted to facilities located within the legal jurisdictional boundary of the United States.</p>
+          <link rel="depends-on" href="#sa-9.8_smt"/>
         </part>
         <part id="sa-9.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60592,74 +60592,74 @@
       </part>
       <part id="sa-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-10"/>
-        <link rel="depends-on" href="#sa-10_smt"/>
         <part id="sa-10_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10a."/>
-          <link rel="depends-on" href="#sa-10_smt.a"/>
           <p>the developer of the system, system component, or system service is required to perform configuration management during system, component, or service <insert type="param" id-ref="sa-10_odp.01"/>;</p>
+          <link rel="depends-on" href="#sa-10_smt.a"/>
         </part>
         <part id="sa-10_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10b."/>
-          <link rel="depends-on" href="#sa-10_smt.b"/>
           <part id="sa-10_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10b.[01]"/>
-            <link rel="depends-on" href="#sa-10_smt.b"/>
             <p>the developer of the system, system component, or system service is required to document the integrity of changes to <insert type="param" id-ref="sa-10_odp.02"/>;</p>
+            <link rel="depends-on" href="#sa-10_smt.b"/>
           </part>
           <part id="sa-10_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10b.[02]"/>
-            <link rel="depends-on" href="#sa-10_smt.b"/>
             <p>the developer of the system, system component, or system service is required to manage the integrity of changes to <insert type="param" id-ref="sa-10_odp.02"/>;</p>
+            <link rel="depends-on" href="#sa-10_smt.b"/>
           </part>
           <part id="sa-10_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10b.[03]"/>
-            <link rel="depends-on" href="#sa-10_smt.b"/>
             <p>the developer of the system, system component, or system service is required to control the integrity of changes to <insert type="param" id-ref="sa-10_odp.02"/>;</p>
+            <link rel="depends-on" href="#sa-10_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-10_smt.b"/>
         </part>
         <part id="sa-10_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10c."/>
-          <link rel="depends-on" href="#sa-10_smt.c"/>
           <p>the developer of the system, system component, or system service is required to implement only organization-approved changes to the system, component, or service;</p>
+          <link rel="depends-on" href="#sa-10_smt.c"/>
         </part>
         <part id="sa-10_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10d."/>
-          <link rel="depends-on" href="#sa-10_smt.d"/>
           <part id="sa-10_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10d.[01]"/>
-            <link rel="depends-on" href="#sa-10_smt.d"/>
             <p>the developer of the system, system component, or system service is required to document approved changes to the system, component, or service;</p>
+            <link rel="depends-on" href="#sa-10_smt.d"/>
           </part>
           <part id="sa-10_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10d.[02]"/>
-            <link rel="depends-on" href="#sa-10_smt.d"/>
             <p>the developer of the system, system component, or system service is required to document the potential security impacts of approved changes;</p>
+            <link rel="depends-on" href="#sa-10_smt.d"/>
           </part>
           <part id="sa-10_obj.d-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10d.[03]"/>
-            <link rel="depends-on" href="#sa-10_smt.d"/>
             <p>the developer of the system, system component, or system service is required to document the potential privacy impacts of approved changes;</p>
+            <link rel="depends-on" href="#sa-10_smt.d"/>
           </part>
+          <link rel="depends-on" href="#sa-10_smt.d"/>
         </part>
         <part id="sa-10_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10e."/>
-          <link rel="depends-on" href="#sa-10_smt.e"/>
           <part id="sa-10_obj.e-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10e.[01]"/>
-            <link rel="depends-on" href="#sa-10_smt.e"/>
             <p>the developer of the system, system component, or system service is required to track security flaws within the system, component, or service;</p>
+            <link rel="depends-on" href="#sa-10_smt.e"/>
           </part>
           <part id="sa-10_obj.e-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10e.[02]"/>
-            <link rel="depends-on" href="#sa-10_smt.e"/>
             <p>the developer of the system, system component, or system service is required to track security flaw resolutions within the system, component, or service;</p>
+            <link rel="depends-on" href="#sa-10_smt.e"/>
           </part>
           <part id="sa-10_obj.e-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10e.[03]"/>
-            <link rel="depends-on" href="#sa-10_smt.e"/>
             <p>the developer of the system, system component, or system service is required to report findings to <insert type="param" id-ref="sa-10_odp.03"/>.</p>
+            <link rel="depends-on" href="#sa-10_smt.e"/>
           </part>
+          <link rel="depends-on" href="#sa-10_smt.e"/>
         </part>
+        <link rel="depends-on" href="#sa-10_smt"/>
       </part>
       <part id="sa-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60716,8 +60716,8 @@
         </part>
         <part id="sa-10.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10(01)"/>
-          <link rel="depends-on" href="#sa-10.1_smt"/>
           <p>the developer of the system, system component, or system service is required to enable integrity verification of software and firmware components.</p>
+          <link rel="depends-on" href="#sa-10.1_smt"/>
         </part>
         <part id="sa-10.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60775,8 +60775,8 @@
         </part>
         <part id="sa-10.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10(02)"/>
-          <link rel="depends-on" href="#sa-10.2_smt"/>
           <p>an alternate configuration management process has been provided using organizational personnel in the absence of a dedicated developer configuration management team.</p>
+          <link rel="depends-on" href="#sa-10.2_smt"/>
         </part>
         <part id="sa-10.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60836,8 +60836,8 @@
         </part>
         <part id="sa-10.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10(03)"/>
-          <link rel="depends-on" href="#sa-10.3_smt"/>
           <p>the developer of the system, system component, or system service is required to enable integrity verification of hardware components.</p>
+          <link rel="depends-on" href="#sa-10.3_smt"/>
         </part>
         <part id="sa-10.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60892,22 +60892,22 @@
         </part>
         <part id="sa-10.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10(04)"/>
-          <link rel="depends-on" href="#sa-10.4_smt"/>
           <part id="sa-10.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10(04)[01]"/>
-            <link rel="depends-on" href="#sa-10.4_smt"/>
             <p>the developer of the system, system component, or system service is required to employ tools for comparing newly generated versions of security-relevant hardware descriptions with previous versions;</p>
+            <link rel="depends-on" href="#sa-10.4_smt"/>
           </part>
           <part id="sa-10.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10(04)[02]"/>
-            <link rel="depends-on" href="#sa-10.4_smt"/>
             <p>the developer of the system, system component, or system service is required to employ tools for comparing newly generated versions of source code with previous versions;</p>
+            <link rel="depends-on" href="#sa-10.4_smt"/>
           </part>
           <part id="sa-10.4_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10(04)[03]"/>
-            <link rel="depends-on" href="#sa-10.4_smt"/>
             <p>the developer of the system, system component, or system service is required to employ tools for comparing newly generated versions of object code with previous versions.</p>
+            <link rel="depends-on" href="#sa-10.4_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-10.4_smt"/>
         </part>
         <part id="sa-10.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -60952,8 +60952,8 @@
         </part>
         <part id="sa-10.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10(05)"/>
-          <link rel="depends-on" href="#sa-10.5_smt"/>
           <p>the developer of the system, system component, or system service is required to maintain the integrity of the mapping between the master build data describing the current version of security-relevant hardware, software, and firmware and the on-site master copy of the data for the current version.</p>
+          <link rel="depends-on" href="#sa-10.5_smt"/>
         </part>
         <part id="sa-10.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61009,8 +61009,8 @@
         </part>
         <part id="sa-10.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10(06)"/>
-          <link rel="depends-on" href="#sa-10.6_smt"/>
           <p>the developer of the system, system component, or system service is required to execute procedures for ensuring that security-relevant hardware, software, and firmware updates distributed to the organization are exactly as specified by the master copies.</p>
+          <link rel="depends-on" href="#sa-10.6_smt"/>
         </part>
         <part id="sa-10.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61102,17 +61102,17 @@
         </part>
         <part id="sa-10.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-10(07)"/>
-          <link rel="depends-on" href="#sa-10.7_smt"/>
           <part id="sa-10.7_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10(07)[01]"/>
-            <link rel="depends-on" href="#sa-10.7_smt"/>
             <p><insert type="param" id-ref="sa-10.07_odp.01"/> are required to be included in the <insert type="param" id-ref="sa-10.07_odp.03"/>;</p>
+            <link rel="depends-on" href="#sa-10.7_smt"/>
           </part>
           <part id="sa-10.7_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-10(07)[02]"/>
-            <link rel="depends-on" href="#sa-10.7_smt"/>
             <p><insert type="param" id-ref="sa-10.07_odp.02"/> are required to be included in the <insert type="param" id-ref="sa-10.07_odp.04"/>.</p>
+            <link rel="depends-on" href="#sa-10.7_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-10.7_smt"/>
         </part>
         <part id="sa-10.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61226,60 +61226,60 @@
       </part>
       <part id="sa-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-11"/>
-        <link rel="depends-on" href="#sa-11_smt"/>
         <part id="sa-11_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11a."/>
-          <link rel="depends-on" href="#sa-11_smt.a"/>
           <part id="sa-11_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11a.[01]"/>
-            <link rel="depends-on" href="#sa-11_smt.a"/>
             <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to develop a plan for ongoing security assessments;</p>
+            <link rel="depends-on" href="#sa-11_smt.a"/>
           </part>
           <part id="sa-11_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11a.[02]"/>
-            <link rel="depends-on" href="#sa-11_smt.a"/>
             <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to implement a plan for ongoing security assessments;</p>
+            <link rel="depends-on" href="#sa-11_smt.a"/>
           </part>
           <part id="sa-11_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11a.[03]"/>
-            <link rel="depends-on" href="#sa-11_smt.a"/>
             <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to develop a plan for privacy assessments;</p>
+            <link rel="depends-on" href="#sa-11_smt.a"/>
           </part>
           <part id="sa-11_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11a.[04]"/>
-            <link rel="depends-on" href="#sa-11_smt.a"/>
             <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to implement a plan for ongoing privacy assessments;</p>
+            <link rel="depends-on" href="#sa-11_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sa-11_smt.a"/>
         </part>
         <part id="sa-11_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11b."/>
-          <link rel="depends-on" href="#sa-11_smt.b"/>
           <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to perform <insert type="param" id-ref="sa-11_odp.01"/> testing/evaluation <insert type="param" id-ref="sa-11_odp.02"/> at <insert type="param" id-ref="sa-11_odp.03"/>;</p>
+          <link rel="depends-on" href="#sa-11_smt.b"/>
         </part>
         <part id="sa-11_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11c."/>
-          <link rel="depends-on" href="#sa-11_smt.c"/>
           <part id="sa-11_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11c.[01]"/>
-            <link rel="depends-on" href="#sa-11_smt.c"/>
             <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to produce evidence of the execution of the assessment plan;</p>
+            <link rel="depends-on" href="#sa-11_smt.c"/>
           </part>
           <part id="sa-11_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11c.[02]"/>
-            <link rel="depends-on" href="#sa-11_smt.c"/>
             <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to produce the results of the testing and evaluation;</p>
+            <link rel="depends-on" href="#sa-11_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sa-11_smt.c"/>
         </part>
         <part id="sa-11_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11d."/>
-          <link rel="depends-on" href="#sa-11_smt.d"/>
           <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to implement a verifiable flaw remediation process;</p>
+          <link rel="depends-on" href="#sa-11_smt.d"/>
         </part>
         <part id="sa-11_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11e."/>
-          <link rel="depends-on" href="#sa-11_smt.e"/>
           <p>the developer of the system, system component, or system service is required at all post-design stages of the system development life cycle to correct flaws identified during testing and evaluation.</p>
+          <link rel="depends-on" href="#sa-11_smt.e"/>
         </part>
+        <link rel="depends-on" href="#sa-11_smt"/>
       </part>
       <part id="sa-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61339,17 +61339,17 @@
         </part>
         <part id="sa-11.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(01)"/>
-          <link rel="depends-on" href="#sa-11.1_smt"/>
           <part id="sa-11.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(01)[01]"/>
-            <link rel="depends-on" href="#sa-11.1_smt"/>
             <p>the developer of the system, system component, or system service is required to employ static code analysis tools to identify common flaws;</p>
+            <link rel="depends-on" href="#sa-11.1_smt"/>
           </part>
           <part id="sa-11.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(01)[02]"/>
-            <link rel="depends-on" href="#sa-11.1_smt"/>
             <p>the developer of the system, system component, or system service is required to employ static code analysis tools to document the results of the analysis.</p>
+            <link rel="depends-on" href="#sa-11.1_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-11.1_smt"/>
         </part>
         <part id="sa-11.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61486,93 +61486,93 @@
         </part>
         <part id="sa-11.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(02)"/>
-          <link rel="depends-on" href="#sa-11.2_smt"/>
           <part id="sa-11.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(02)(a)"/>
-            <link rel="depends-on" href="#sa-11.2_smt.a"/>
             <part id="sa-11.2_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(a)[01]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.a"/>
               <p>the developer of the system, system component, or system service is required to perform threat modeling during development of the system, component, or service that uses <insert type="param" id-ref="sa-11.02_odp.01"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.a"/>
             </part>
             <part id="sa-11.2_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(a)[02]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.a"/>
               <p>the developer of the system, system component, or system service is required to perform vulnerability analyses during development of the system, component, or service that uses <insert type="param" id-ref="sa-11.02_odp.01"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.a"/>
             </part>
             <part id="sa-11.2_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(a)[03]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.a"/>
               <p>the developer of the system, system component, or system service is required to perform threat modeling during the subsequent testing and evaluation of the system, component, or service that uses <insert type="param" id-ref="sa-11.02_odp.01"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.a"/>
             </part>
             <part id="sa-11.2_obj.a-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(a)[04]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.a"/>
               <p>the developer of the system, system component, or system service is required to perform vulnerability analyses during the subsequent testing and evaluation of the system, component, or service that uses <insert type="param" id-ref="sa-11.02_odp.01"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-11.2_smt.a"/>
           </part>
           <part id="sa-11.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(02)(b)"/>
-            <link rel="depends-on" href="#sa-11.2_smt.b"/>
             <part id="sa-11.2_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(b)[01]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.b"/>
               <p>the developer of the system, system component, or system service is required to perform threat modeling during development of the system, component, or service that employs <insert type="param" id-ref="sa-11.02_odp.02"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.b"/>
             </part>
             <part id="sa-11.2_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(b)[02]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.b"/>
               <p>the developer of the system, system component, or system service is required to perform threat modeling during the subsequent testing and evaluation of the system, component, or service that employs <insert type="param" id-ref="sa-11.02_odp.02"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.b"/>
             </part>
             <part id="sa-11.2_obj.b-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(b)[03]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.b"/>
               <p>the developer of the system, system component, or system service is required to perform vulnerability analyses during development of the system, component, or service that employs <insert type="param" id-ref="sa-11.02_odp.02"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.b"/>
             </part>
             <part id="sa-11.2_obj.b-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(b)[04]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.b"/>
               <p>the developer of the system, system component, or system service is required to perform vulnerability analyses during the subsequent testing and evaluation of the system, component, or service that employs <insert type="param" id-ref="sa-11.02_odp.02"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.b"/>
             </part>
+            <link rel="depends-on" href="#sa-11.2_smt.b"/>
           </part>
           <part id="sa-11.2_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(02)(c)"/>
-            <link rel="depends-on" href="#sa-11.2_smt.c"/>
             <part id="sa-11.2_obj.c-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(c)[01]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.c"/>
               <p>the developer of the system, system component, or system service is required to perform threat modeling at <insert type="param" id-ref="sa-11.02_odp.03"/> during development of the system, component, or service;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.c"/>
             </part>
             <part id="sa-11.2_obj.c-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(c)[02]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.c"/>
               <p>the developer of the system, system component, or system service is required to perform vulnerability analyses during the subsequent testing and evaluation of the system, component, or service that conducts modeling and analyses at <insert type="param" id-ref="sa-11.02_odp.04"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.c"/>
             </part>
+            <link rel="depends-on" href="#sa-11.2_smt.c"/>
           </part>
           <part id="sa-11.2_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(02)(d)"/>
-            <link rel="depends-on" href="#sa-11.2_smt.d"/>
             <part id="sa-11.2_obj.d-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(d)[01]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.d"/>
               <p>the developer of the system, system component, or system service is required to perform threat modeling during development of the system, component, or service that produces evidence that meets <insert type="param" id-ref="sa-11.02_odp.05"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.d"/>
             </part>
             <part id="sa-11.2_obj.d-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(d)[02]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.d"/>
               <p>the developer of the system, system component, or system service is required to perform threat modeling during the subsequent testing and evaluation of the system, component, or service that produces evidence that meets <insert type="param" id-ref="sa-11.02_odp.05"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.d"/>
             </part>
             <part id="sa-11.2_obj.d-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(d)[03]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.d"/>
               <p>the developer of the system, system component, or system service is required to perform vulnerability analyses during development of the system, component, or service that produces evidence that meets <insert type="param" id-ref="sa-11.02_odp.06"/>;</p>
+              <link rel="depends-on" href="#sa-11.2_smt.d"/>
             </part>
             <part id="sa-11.2_obj.d-4" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(02)(d)[04]"/>
-              <link rel="depends-on" href="#sa-11.2_smt.d"/>
               <p>the developer of the system, system component, or system service is required to perform vulnerability analyses during the subsequent testing and evaluation of the system, component, or service that produces evidence that meets <insert type="param" id-ref="sa-11.02_odp.06"/>.</p>
+              <link rel="depends-on" href="#sa-11.2_smt.d"/>
             </part>
+            <link rel="depends-on" href="#sa-11.2_smt.d"/>
           </part>
+          <link rel="depends-on" href="#sa-11.2_smt"/>
         </part>
         <part id="sa-11.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61647,26 +61647,26 @@
         </part>
         <part id="sa-11.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(03)"/>
-          <link rel="depends-on" href="#sa-11.3_smt"/>
           <part id="sa-11.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(03)(a)"/>
-            <link rel="depends-on" href="#sa-11.3_smt.a"/>
             <part id="sa-11.3_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(03)(a)[01]"/>
-              <link rel="depends-on" href="#sa-11.3_smt.a"/>
               <p>an independent agent is required to satisfy <insert type="param" id-ref="sa-11.03_odp"/> to verify the correct implementation of the developer security assessment plan and the evidence produced during testing and evaluation;</p>
+              <link rel="depends-on" href="#sa-11.3_smt.a"/>
             </part>
             <part id="sa-11.3_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(03)(a)[02]"/>
-              <link rel="depends-on" href="#sa-11.3_smt.a"/>
               <p>an independent agent is required to satisfy <insert type="param" id-ref="sa-11.03_odp"/> to verify the correct implementation of the developer privacy assessment plan and the evidence produced during testing and evaluation;</p>
+              <link rel="depends-on" href="#sa-11.3_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-11.3_smt.a"/>
           </part>
           <part id="sa-11.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(03)(b)"/>
-            <link rel="depends-on" href="#sa-11.3_smt.b"/>
             <p>the independent agent is provided with sufficient information to complete the verification process or granted the authority to obtain such information.</p>
+            <link rel="depends-on" href="#sa-11.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-11.3_smt"/>
         </part>
         <part id="sa-11.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61740,8 +61740,8 @@
         </part>
         <part id="sa-11.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(04)"/>
-          <link rel="depends-on" href="#sa-11.4_smt"/>
           <p>the developer of the system, system component, or system service is required to perform a manual code review of <insert type="param" id-ref="sa-11.04_odp.01"/> using <insert type="param" id-ref="sa-11.04_odp.02"/>.</p>
+          <link rel="depends-on" href="#sa-11.4_smt"/>
         </part>
         <part id="sa-11.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61840,26 +61840,26 @@
         </part>
         <part id="sa-11.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(05)"/>
-          <link rel="depends-on" href="#sa-11.5_smt"/>
           <part id="sa-11.5_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(05)(a)"/>
-            <link rel="depends-on" href="#sa-11.5_smt.a"/>
             <part id="sa-11.5_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(05)(a)[01]"/>
-              <link rel="depends-on" href="#sa-11.5_smt.a"/>
               <p>the developer of the system, system component, or system service is required to perform penetration testing at the following level of rigor: <insert type="param" id-ref="sa-11.05_odp.01"/>;</p>
+              <link rel="depends-on" href="#sa-11.5_smt.a"/>
             </part>
             <part id="sa-11.5_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-11(05)(a)[02]"/>
-              <link rel="depends-on" href="#sa-11.5_smt.a"/>
               <p>the developer of the system, system component, or system service is required to perform penetration testing at the following level of rigor: <insert type="param" id-ref="sa-11.05_odp.02"/>;</p>
+              <link rel="depends-on" href="#sa-11.5_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-11.5_smt.a"/>
           </part>
           <part id="sa-11.5_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(05)(b)"/>
-            <link rel="depends-on" href="#sa-11.5_smt.b"/>
             <p>the developer of the system, system component, or system service is required to perform penetration testing under <insert type="param" id-ref="sa-11.05_odp.03"/>.</p>
+            <link rel="depends-on" href="#sa-11.5_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-11.5_smt"/>
         </part>
         <part id="sa-11.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61917,8 +61917,8 @@
         </part>
         <part id="sa-11.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(06)"/>
-          <link rel="depends-on" href="#sa-11.6_smt"/>
           <p>the developer of the system, system component, or system service is required to perform attack surface reviews.</p>
+          <link rel="depends-on" href="#sa-11.6_smt"/>
         </part>
         <part id="sa-11.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -61993,17 +61993,17 @@
         </part>
         <part id="sa-11.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(07)"/>
-          <link rel="depends-on" href="#sa-11.7_smt"/>
           <part id="sa-11.7_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(07)[01]"/>
-            <link rel="depends-on" href="#sa-11.7_smt"/>
             <p>the developer of the system, system component, or system service is required to verify that the scope of testing and evaluation provides complete coverage of the required controls at <insert type="param" id-ref="sa-11.07_odp.01"/>;</p>
+            <link rel="depends-on" href="#sa-11.7_smt"/>
           </part>
           <part id="sa-11.7_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(07)[02]"/>
-            <link rel="depends-on" href="#sa-11.7_smt"/>
             <p>the developer of the system, system component, or system service is required to verify that the scope of testing and evaluation provides complete coverage of the required controls at <insert type="param" id-ref="sa-11.07_odp.02"/>.</p>
+            <link rel="depends-on" href="#sa-11.7_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-11.7_smt"/>
         </part>
         <part id="sa-11.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62057,17 +62057,17 @@
         </part>
         <part id="sa-11.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(08)"/>
-          <link rel="depends-on" href="#sa-11.8_smt"/>
           <part id="sa-11.8_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(08)[01]"/>
-            <link rel="depends-on" href="#sa-11.8_smt"/>
             <p>the developer of the system, system component, or system service is required to employ dynamic code analysis tools to identify common flaws;</p>
+            <link rel="depends-on" href="#sa-11.8_smt"/>
           </part>
           <part id="sa-11.8_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(08)[02]"/>
-            <link rel="depends-on" href="#sa-11.8_smt"/>
             <p>the developer of the system, system component, or system service is required to document the results of the analysis.</p>
+            <link rel="depends-on" href="#sa-11.8_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-11.8_smt"/>
         </part>
         <part id="sa-11.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62123,17 +62123,17 @@
         </part>
         <part id="sa-11.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-11(09)"/>
-          <link rel="depends-on" href="#sa-11.9_smt"/>
           <part id="sa-11.9_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(09)[01]"/>
-            <link rel="depends-on" href="#sa-11.9_smt"/>
             <p>the developer of the system, system component, or system service is required to employ interactive application security testing tools to identify flaws;</p>
+            <link rel="depends-on" href="#sa-11.9_smt"/>
           </part>
           <part id="sa-11.9_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-11(09)[02]"/>
-            <link rel="depends-on" href="#sa-11.9_smt"/>
             <p>the developer of the system, system component, or system service is required to document the results of flaw identification.</p>
+            <link rel="depends-on" href="#sa-11.9_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-11.9_smt"/>
         </part>
         <part id="sa-11.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62406,72 +62406,72 @@
       </part>
       <part id="sa-15_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-15"/>
-        <link rel="depends-on" href="#sa-15_smt"/>
         <part id="sa-15_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15a."/>
-          <link rel="depends-on" href="#sa-15_smt.a"/>
           <part id="sa-15_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15a.01"/>
-            <link rel="depends-on" href="#sa-15_smt.a.1"/>
             <part id="sa-15_obj.a.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15a.01[01]"/>
-              <link rel="depends-on" href="#sa-15_smt.a.1"/>
               <p>the developer of the system, system component, or system service is required to follow a documented development process that explicitly addresses security requirements;</p>
+              <link rel="depends-on" href="#sa-15_smt.a.1"/>
             </part>
             <part id="sa-15_obj.a.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15a.01[02]"/>
-              <link rel="depends-on" href="#sa-15_smt.a.1"/>
               <p>the developer of the system, system component, or system service is required to follow a documented development process that explicitly addresses privacy requirements;</p>
+              <link rel="depends-on" href="#sa-15_smt.a.1"/>
             </part>
+            <link rel="depends-on" href="#sa-15_smt.a.1"/>
           </part>
           <part id="sa-15_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15a.02"/>
-            <link rel="depends-on" href="#sa-15_smt.a.2"/>
             <part id="sa-15_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15a.02[01]"/>
-              <link rel="depends-on" href="#sa-15_smt.a.2"/>
               <p>the developer of the system, system component, or system service is required to follow a documented development process that identifies the standards used in the development process;</p>
+              <link rel="depends-on" href="#sa-15_smt.a.2"/>
             </part>
             <part id="sa-15_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15a.02[02]"/>
-              <link rel="depends-on" href="#sa-15_smt.a.2"/>
               <p>the developer of the system, system component, or system service is required to follow a documented development process that identifies the tools used in the development process;</p>
+              <link rel="depends-on" href="#sa-15_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#sa-15_smt.a.2"/>
           </part>
           <part id="sa-15_obj.a.3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15a.03"/>
-            <link rel="depends-on" href="#sa-15_smt.a.3"/>
             <part id="sa-15_obj.a.3-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15a.03[01]"/>
-              <link rel="depends-on" href="#sa-15_smt.a.3"/>
               <p>the developer of the system, system component, or system service is required to follow a documented development process that documents the specific tool used in the development process;</p>
+              <link rel="depends-on" href="#sa-15_smt.a.3"/>
             </part>
             <part id="sa-15_obj.a.3-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15a.03[02]"/>
-              <link rel="depends-on" href="#sa-15_smt.a.3"/>
               <p>the developer of the system, system component, or system service is required to follow a documented development process that documents the specific tool configurations used in the development process;</p>
+              <link rel="depends-on" href="#sa-15_smt.a.3"/>
             </part>
+            <link rel="depends-on" href="#sa-15_smt.a.3"/>
           </part>
           <part id="sa-15_obj.a.4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15a.04"/>
-            <link rel="depends-on" href="#sa-15_smt.a.4"/>
             <p>the developer of the system, system component, or system service is required to follow a documented development process that documents, manages, and ensures the integrity of changes to the process and/or tools used in development;</p>
+            <link rel="depends-on" href="#sa-15_smt.a.4"/>
           </part>
+          <link rel="depends-on" href="#sa-15_smt.a"/>
         </part>
         <part id="sa-15_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15b."/>
-          <link rel="depends-on" href="#sa-15_smt.b"/>
           <part id="sa-15_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15b.[01]"/>
-            <link rel="depends-on" href="#sa-15_smt.b"/>
             <p>the developer of the system, system component, or system service is required to follow a documented development process in which the development process, standards, tools, tool options, and tool configurations are reviewed <insert type="param" id-ref="sa-15_odp.01"/> to determine that the process, standards, tools, tool options, and tool configurations selected and employed satisfy <insert type="param" id-ref="sa-15_odp.02"/>;</p>
+            <link rel="depends-on" href="#sa-15_smt.b"/>
           </part>
           <part id="sa-15_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15b.[02]"/>
-            <link rel="depends-on" href="#sa-15_smt.b"/>
             <p>the developer of the system, system component, or system service is required to follow a documented development process in which the development process, standards, tools, tool options, and tool configurations are reviewed <insert type="param" id-ref="sa-15_odp.01"/> to determine that the process, standards, tools, tool options, and tool configurations selected and employed satisfy <insert type="param" id-ref="sa-15_odp.03"/>.</p>
+            <link rel="depends-on" href="#sa-15_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-15_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sa-15_smt"/>
       </part>
       <part id="sa-15_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62559,17 +62559,17 @@
         </part>
         <part id="sa-15.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(01)"/>
-          <link rel="depends-on" href="#sa-15.1_smt"/>
           <part id="sa-15.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(01)(a)"/>
-            <link rel="depends-on" href="#sa-15.1_smt.a"/>
             <p>the developer of the system, system component, or system service is required to define quality metrics at the beginning of the development process;</p>
+            <link rel="depends-on" href="#sa-15.1_smt.a"/>
           </part>
           <part id="sa-15.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(01)(b)"/>
-            <link rel="depends-on" href="#sa-15.1_smt.b"/>
             <p>the developer of the system, system component, or system service is required to provide evidence of meeting the quality metrics <insert type="param" id-ref="sa-15.01_odp.01"/>.</p>
+            <link rel="depends-on" href="#sa-15.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-15.1_smt"/>
         </part>
         <part id="sa-15.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62615,17 +62615,17 @@
         </part>
         <part id="sa-15.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(02)"/>
-          <link rel="depends-on" href="#sa-15.2_smt"/>
           <part id="sa-15.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(02)[01]"/>
-            <link rel="depends-on" href="#sa-15.2_smt"/>
             <p>the developer of the system, system component, or system service is required to select and employ security tracking tools for use during the development process;</p>
+            <link rel="depends-on" href="#sa-15.2_smt"/>
           </part>
           <part id="sa-15.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(02)[02]"/>
-            <link rel="depends-on" href="#sa-15.2_smt"/>
             <p>the developer of the system, system component, or system service is required to select and employ privacy tracking tools for use during the development process.</p>
+            <link rel="depends-on" href="#sa-15.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-15.2_smt"/>
         </part>
         <part id="sa-15.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62712,26 +62712,26 @@
         </part>
         <part id="sa-15.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(03)"/>
-          <link rel="depends-on" href="#sa-15.3_smt"/>
           <part id="sa-15.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(03)(a)"/>
-            <link rel="depends-on" href="#sa-15.3_smt.a"/>
             <p>the developer of the system, system component, or system service is required to perform a criticality analysis at <insert type="param" id-ref="sa-15.03_odp.01"/> in the system development life cycle;</p>
+            <link rel="depends-on" href="#sa-15.3_smt.a"/>
           </part>
           <part id="sa-15.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(03)(b)"/>
-            <link rel="depends-on" href="#sa-15.3_smt.b"/>
             <part id="sa-15.3_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15(03)(b)[01]"/>
-              <link rel="depends-on" href="#sa-15.3_smt.b"/>
               <p>the developer of the system, system component, or system service is required to perform a criticality analysis at the following rigor level: <insert type="param" id-ref="sa-15.03_odp.02"/>;</p>
+              <link rel="depends-on" href="#sa-15.3_smt.b"/>
             </part>
             <part id="sa-15.3_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-15(03)(b)[02]"/>
-              <link rel="depends-on" href="#sa-15.3_smt.b"/>
               <p>the developer of the system, system component, or system service is required to perform a criticality analysis at the following rigor level: <insert type="param" id-ref="sa-15.03_odp.03"/> .</p>
+              <link rel="depends-on" href="#sa-15.3_smt.b"/>
             </part>
+            <link rel="depends-on" href="#sa-15.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-15.3_smt"/>
         </part>
         <part id="sa-15.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62808,8 +62808,8 @@
         </part>
         <part id="sa-15.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(05)"/>
-          <link rel="depends-on" href="#sa-15.5_smt"/>
           <p>the developer of the system, system component, or system service is required to reduce attack surfaces to <insert type="param" id-ref="sa-15.05_odp"/>.</p>
+          <link rel="depends-on" href="#sa-15.5_smt"/>
         </part>
         <part id="sa-15.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62864,8 +62864,8 @@
         </part>
         <part id="sa-15.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(06)"/>
-          <link rel="depends-on" href="#sa-15.6_smt"/>
           <p>the developer of the system, system component, or system service is required to implement an explicit process to continuously improve the development process.</p>
+          <link rel="depends-on" href="#sa-15.6_smt"/>
         </part>
         <part id="sa-15.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -62957,27 +62957,27 @@
         </part>
         <part id="sa-15.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(07)"/>
-          <link rel="depends-on" href="#sa-15.7_smt"/>
           <part id="sa-15.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(07)(a)"/>
-            <link rel="depends-on" href="#sa-15.7_smt.a"/>
             <p>the developer of the system, system component, or system service is required to perform automated vulnerability analysis <insert type="param" id-ref="sa-15.07_odp.01"/> using <insert type="param" id-ref="sa-15.07_odp.02"/>;</p>
+            <link rel="depends-on" href="#sa-15.7_smt.a"/>
           </part>
           <part id="sa-15.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(07)(b)"/>
-            <link rel="depends-on" href="#sa-15.7_smt.b"/>
             <p>the developer of the system, system component, or system service is required to determine the exploitation potential for discovered vulnerabilities <insert type="param" id-ref="sa-15.07_odp.01"/>;</p>
+            <link rel="depends-on" href="#sa-15.7_smt.b"/>
           </part>
           <part id="sa-15.7_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(07)(c)"/>
-            <link rel="depends-on" href="#sa-15.7_smt.c"/>
             <p>the developer of the system, system component, or system service is required to determine potential risk mitigations <insert type="param" id-ref="sa-15.07_odp.01"/> for delivered vulnerabilities;</p>
+            <link rel="depends-on" href="#sa-15.7_smt.c"/>
           </part>
           <part id="sa-15.7_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(07)(d)"/>
-            <link rel="depends-on" href="#sa-15.7_smt.d"/>
             <p>the developer of the system, system component, or system service is required to deliver the outputs of the tools and results of the analysis <insert type="param" id-ref="sa-15.07_odp.01"/> to <insert type="param" id-ref="sa-15.07_odp.03"/>.</p>
+            <link rel="depends-on" href="#sa-15.7_smt.d"/>
           </part>
+          <link rel="depends-on" href="#sa-15.7_smt"/>
         </part>
         <part id="sa-15.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63033,17 +63033,17 @@
         </part>
         <part id="sa-15.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(08)"/>
-          <link rel="depends-on" href="#sa-15.8_smt"/>
           <part id="sa-15.8_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(08)[01]"/>
-            <link rel="depends-on" href="#sa-15.8_smt"/>
             <p>the developer of the system, system component, or system service is required to use threat modeling from similar systems, components, or services to inform the current development process;</p>
+            <link rel="depends-on" href="#sa-15.8_smt"/>
           </part>
           <part id="sa-15.8_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(08)[02]"/>
-            <link rel="depends-on" href="#sa-15.8_smt"/>
             <p>the developer of the system, system component, or system service is required to use vulnerability analyses from similar systems, components, or services to inform the current development process.</p>
+            <link rel="depends-on" href="#sa-15.8_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-15.8_smt"/>
         </part>
         <part id="sa-15.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63097,22 +63097,22 @@
         </part>
         <part id="sa-15.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(10)"/>
-          <link rel="depends-on" href="#sa-15.10_smt"/>
           <part id="sa-15.10_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(10)[01]"/>
-            <link rel="depends-on" href="#sa-15.10_smt"/>
             <p>the developer of the system, system component, or system service is required to provide an incident response plan;</p>
+            <link rel="depends-on" href="#sa-15.10_smt"/>
           </part>
           <part id="sa-15.10_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(10)[02]"/>
-            <link rel="depends-on" href="#sa-15.10_smt"/>
             <p>the developer of the system, system component, or system service is required to implement an incident response plan;</p>
+            <link rel="depends-on" href="#sa-15.10_smt"/>
           </part>
           <part id="sa-15.10_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-15(10)[03]"/>
-            <link rel="depends-on" href="#sa-15.10_smt"/>
             <p>the developer of the system, system component, or system service is required to test an incident response plan.</p>
+            <link rel="depends-on" href="#sa-15.10_smt"/>
           </part>
+          <link rel="depends-on" href="#sa-15.10_smt"/>
         </part>
         <part id="sa-15.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63162,8 +63162,8 @@
         </part>
         <part id="sa-15.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(11)"/>
-          <link rel="depends-on" href="#sa-15.11_smt"/>
           <p>the developer of the system or system component is required to archive the system or component to be released or delivered together with the corresponding evidence supporting the final security and privacy review.</p>
+          <link rel="depends-on" href="#sa-15.11_smt"/>
         </part>
         <part id="sa-15.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63211,8 +63211,8 @@
         </part>
         <part id="sa-15.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-15(12)"/>
-          <link rel="depends-on" href="#sa-15.12_smt"/>
           <p>the developer of the system or system component is required to minimize the use of personally identifiable information in development and test environments.</p>
+          <link rel="depends-on" href="#sa-15.12_smt"/>
         </part>
         <part id="sa-15.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63280,8 +63280,8 @@
       </part>
       <part id="sa-16_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-16"/>
-        <link rel="depends-on" href="#sa-16_smt"/>
         <p>the developer of the system, system component, or system service is required to provide <insert type="param" id-ref="sa-16_odp"/> on the correct use and operation of the implemented security and privacy functions, controls, and/or mechanisms.</p>
+        <link rel="depends-on" href="#sa-16_smt"/>
       </part>
       <part id="sa-16_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63352,49 +63352,49 @@
       </part>
       <part id="sa-17_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-17"/>
-        <link rel="depends-on" href="#sa-17_smt"/>
         <part id="sa-17_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(a)"/>
-          <link rel="depends-on" href="#sa-17_smt.a"/>
           <part id="sa-17_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(a)[01]"/>
-            <link rel="depends-on" href="#sa-17_smt.a"/>
             <p>the developer of the system, system component, or system service is required to produce a design specification and security architecture that are consistent with the organization’s security architecture, which is an integral part the organization’s enterprise architecture;</p>
+            <link rel="depends-on" href="#sa-17_smt.a"/>
           </part>
           <part id="sa-17_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(a)[02]"/>
-            <link rel="depends-on" href="#sa-17_smt.a"/>
             <p>the developer of the system, system component, or system service is required to produce a design specification and privacy architecture that are consistent with the organization’s privacy architecture, which is an integral part the organization’s enterprise architecture;</p>
+            <link rel="depends-on" href="#sa-17_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sa-17_smt.a"/>
         </part>
         <part id="sa-17_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(b)"/>
-          <link rel="depends-on" href="#sa-17_smt.b"/>
           <part id="sa-17_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(b)[01]"/>
-            <link rel="depends-on" href="#sa-17_smt.b"/>
             <p>the developer of the system, system component, or system service is required to produce a design specification and security architecture that accurately and completely describe the required security functionality and the allocation of controls among physical and logical components;</p>
+            <link rel="depends-on" href="#sa-17_smt.b"/>
           </part>
           <part id="sa-17_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(b)[02]"/>
-            <link rel="depends-on" href="#sa-17_smt.b"/>
             <p>the developer of the system, system component, or system service is required to produce a design specification and privacy architecture that accurately and completely describe the required privacy functionality and the allocation of controls among physical and logical components;</p>
+            <link rel="depends-on" href="#sa-17_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-17_smt.b"/>
         </part>
         <part id="sa-17_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(c)"/>
-          <link rel="depends-on" href="#sa-17_smt.c"/>
           <part id="sa-17_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(c)[01]"/>
-            <link rel="depends-on" href="#sa-17_smt.c"/>
             <p>the developer of the system, system component, or system service is required to produce a design specification and security architecture that express how individual security functions, mechanisms, and services work together to provide required security capabilities and a unified approach to protection;</p>
+            <link rel="depends-on" href="#sa-17_smt.c"/>
           </part>
           <part id="sa-17_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(c)[02]"/>
-            <link rel="depends-on" href="#sa-17_smt.c"/>
             <p>the developer of the system, system component, or system service is required to produce a design specification and privacy architecture that express how individual privacy functions, mechanisms, and services work together to provide required privacy capabilities and a unified approach to protection.</p>
+            <link rel="depends-on" href="#sa-17_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sa-17_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sa-17_smt"/>
       </part>
       <part id="sa-17_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63471,35 +63471,35 @@
         </part>
         <part id="sa-17.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(01)"/>
-          <link rel="depends-on" href="#sa-17.1_smt"/>
           <part id="sa-17.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(01)(a)"/>
-            <link rel="depends-on" href="#sa-17.1_smt.a"/>
             <part id="sa-17.1_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(01)(a)[01]"/>
-              <link rel="depends-on" href="#sa-17.1_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce a formal policy model describing the <insert type="param" id-ref="sa-17.01_odp.01"/> to be enforced;</p>
+              <link rel="depends-on" href="#sa-17.1_smt.a"/>
             </part>
             <part id="sa-17.1_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(01)(a)[02]"/>
-              <link rel="depends-on" href="#sa-17.1_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce a formal policy model describing the <insert type="param" id-ref="sa-17.01_odp.02"/> to be enforced;</p>
+              <link rel="depends-on" href="#sa-17.1_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-17.1_smt.a"/>
           </part>
           <part id="sa-17.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(01)(b)"/>
-            <link rel="depends-on" href="#sa-17.1_smt.b"/>
             <part id="sa-17.1_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(01)(b)[01]"/>
-              <link rel="depends-on" href="#sa-17.1_smt.b"/>
               <p>the developer of the system, system component, or system service is required to prove that the formal policy model is internally consistent and sufficient to enforce the defined elements of the organizational security policy when implemented;</p>
+              <link rel="depends-on" href="#sa-17.1_smt.b"/>
             </part>
             <part id="sa-17.1_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(01)(b)[02]"/>
-              <link rel="depends-on" href="#sa-17.1_smt.b"/>
               <p>the developer of the system, system component, or system service is required to prove that the formal policy model is internally consistent and sufficient to enforce the defined elements of the organizational privacy policy when implemented.</p>
+              <link rel="depends-on" href="#sa-17.1_smt.b"/>
             </part>
+            <link rel="depends-on" href="#sa-17.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-17.1_smt"/>
         </part>
         <part id="sa-17.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63557,31 +63557,31 @@
         </part>
         <part id="sa-17.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(02)"/>
-          <link rel="depends-on" href="#sa-17.2_smt"/>
           <part id="sa-17.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(02)(a)"/>
-            <link rel="depends-on" href="#sa-17.2_smt.a"/>
             <part id="sa-17.2_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(02)(a)[01]"/>
-              <link rel="depends-on" href="#sa-17.2_smt.a"/>
               <p>the developer of the system, system component, or system service is required to define security-relevant hardware;</p>
+              <link rel="depends-on" href="#sa-17.2_smt.a"/>
             </part>
             <part id="sa-17.2_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(02)(a)[02]"/>
-              <link rel="depends-on" href="#sa-17.2_smt.a"/>
               <p>the developer of the system, system component, or system service is required to define security-relevant software;</p>
+              <link rel="depends-on" href="#sa-17.2_smt.a"/>
             </part>
             <part id="sa-17.2_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(02)(a)[03]"/>
-              <link rel="depends-on" href="#sa-17.2_smt.a"/>
               <p>the developer of the system, system component, or system service is required to define security-relevant firmware;</p>
+              <link rel="depends-on" href="#sa-17.2_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-17.2_smt.a"/>
           </part>
           <part id="sa-17.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(02)(b)"/>
-            <link rel="depends-on" href="#sa-17.2_smt.b"/>
             <p>the developer of the system, system component, or system service is required to provide a rationale that the definition for security-relevant hardware, software, and firmware is complete.</p>
+            <link rel="depends-on" href="#sa-17.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-17.2_smt"/>
         </part>
         <part id="sa-17.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63652,46 +63652,46 @@
         </part>
         <part id="sa-17.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(03)"/>
-          <link rel="depends-on" href="#sa-17.3_smt"/>
           <part id="sa-17.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(03)(a)"/>
-            <link rel="depends-on" href="#sa-17.3_smt.a"/>
             <part id="sa-17.3_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(03)(a)[01]"/>
-              <link rel="depends-on" href="#sa-17.3_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce a formal top-level specification that specifies the interfaces to security-relevant hardware, software, and firmware in terms of exceptions;</p>
+              <link rel="depends-on" href="#sa-17.3_smt.a"/>
             </part>
             <part id="sa-17.3_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(03)(a)[02]"/>
-              <link rel="depends-on" href="#sa-17.3_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce a formal top-level specification that specifies the interfaces to security-relevant hardware, software, and firmware in terms of error messages;</p>
+              <link rel="depends-on" href="#sa-17.3_smt.a"/>
             </part>
             <part id="sa-17.3_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(03)(a)[03]"/>
-              <link rel="depends-on" href="#sa-17.3_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce a formal top-level specification that specifies the interfaces to security-relevant hardware, software, and firmware in terms of effects;</p>
+              <link rel="depends-on" href="#sa-17.3_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-17.3_smt.a"/>
           </part>
           <part id="sa-17.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(03)(b)"/>
-            <link rel="depends-on" href="#sa-17.3_smt.b"/>
             <p>the developer of the system, system component, or system service is required to show proof that the formal top-level specification is consistent with the formal policy model to the extent feasible with additional informal demonstration as necessary;</p>
+            <link rel="depends-on" href="#sa-17.3_smt.b"/>
           </part>
           <part id="sa-17.3_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(03)(c)"/>
-            <link rel="depends-on" href="#sa-17.3_smt.c"/>
             <p>the developer of the system, system component, or system service is required to show via informal demonstration that the formal top-level specification completely covers the interfaces to security-relevant hardware, software, and firmware;</p>
+            <link rel="depends-on" href="#sa-17.3_smt.c"/>
           </part>
           <part id="sa-17.3_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(03)(d)"/>
-            <link rel="depends-on" href="#sa-17.3_smt.d"/>
             <p>the developer of the system, system component, or system service is required to show that the formal top-level specification is an accurate description of the implemented security-relevant hardware, software, and firmware;</p>
+            <link rel="depends-on" href="#sa-17.3_smt.d"/>
           </part>
           <part id="sa-17.3_obj.e" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(03)(e)"/>
-            <link rel="depends-on" href="#sa-17.3_smt.e"/>
             <p>the developer of the system, system component, or system service is required to describe the security-relevant hardware, software, and firmware mechanisms that are not addressed in the formal top-level specification but are strictly internal to the security-relevant hardware, software, and firmware.</p>
+            <link rel="depends-on" href="#sa-17.3_smt.e"/>
           </part>
+          <link rel="depends-on" href="#sa-17.3_smt"/>
         </part>
         <part id="sa-17.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63773,46 +63773,46 @@
         </part>
         <part id="sa-17.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(04)"/>
-          <link rel="depends-on" href="#sa-17.4_smt"/>
           <part id="sa-17.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(04)(a)"/>
-            <link rel="depends-on" href="#sa-17.4_smt.a"/>
             <part id="sa-17.4_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(04)(a)[01]"/>
-              <link rel="depends-on" href="#sa-17.4_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce an informal, descriptive top-level specification that specifies the interfaces to security-relevant hardware, software, and firmware in terms of exceptions;</p>
+              <link rel="depends-on" href="#sa-17.4_smt.a"/>
             </part>
             <part id="sa-17.4_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(04)(a)[02]"/>
-              <link rel="depends-on" href="#sa-17.4_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce an informal, descriptive top-level specification that specifies the interfaces to security-relevant hardware, software, and firmware in terms of error messages;</p>
+              <link rel="depends-on" href="#sa-17.4_smt.a"/>
             </part>
             <part id="sa-17.4_obj.a-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SA-17(04)(a)[03]"/>
-              <link rel="depends-on" href="#sa-17.4_smt.a"/>
               <p>as an integral part of the development process, the developer of the system, system component, or system service is required to produce an informal, descriptive top-level specification that specifies the interfaces to security-relevant hardware, software, and firmware in terms of effects;</p>
+              <link rel="depends-on" href="#sa-17.4_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sa-17.4_smt.a"/>
           </part>
           <part id="sa-17.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(04)(b)"/>
-            <link rel="depends-on" href="#sa-17.4_smt.b"/>
             <p>the developer of the system, system component, or system service is required to show via <insert type="param" id-ref="sa-17.04_odp"/> that the descriptive top-level specification is consistent with the formal policy model;</p>
+            <link rel="depends-on" href="#sa-17.4_smt.b"/>
           </part>
           <part id="sa-17.4_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(04)(c)"/>
-            <link rel="depends-on" href="#sa-17.4_smt.c"/>
             <p>the developer of the system, system component, or system service is required to show via informal demonstration that the descriptive top-level specification completely covers the interfaces to security-relevant hardware, software, and firmware;</p>
+            <link rel="depends-on" href="#sa-17.4_smt.c"/>
           </part>
           <part id="sa-17.4_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(04)(d)"/>
-            <link rel="depends-on" href="#sa-17.4_smt.d"/>
             <p>the developer of the system, system component, or system service is required to show that the descriptive top-level specification is an accurate description of the interfaces to security-relevant hardware, software, and firmware;</p>
+            <link rel="depends-on" href="#sa-17.4_smt.d"/>
           </part>
           <part id="sa-17.4_obj.e" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(04)(e)"/>
-            <link rel="depends-on" href="#sa-17.4_smt.e"/>
             <p>the developer of the system, system component, or system service is required to describe the security-relevant hardware, software, and firmware mechanisms that are not addressed in the descriptive top-level specification but are strictly internal to the security-relevant hardware, software, and firmware.</p>
+            <link rel="depends-on" href="#sa-17.4_smt.e"/>
           </part>
+          <link rel="depends-on" href="#sa-17.4_smt"/>
         </part>
         <part id="sa-17.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63873,17 +63873,17 @@
         </part>
         <part id="sa-17.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(05)"/>
-          <link rel="depends-on" href="#sa-17.5_smt"/>
           <part id="sa-17.5_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(05)(a)"/>
-            <link rel="depends-on" href="#sa-17.5_smt.a"/>
             <p>the developer of the system, system component, or system service is required to design and structure the security-relevant hardware, software, and firmware to use a complete, conceptually simple protection mechanism with precisely defined semantics;</p>
+            <link rel="depends-on" href="#sa-17.5_smt.a"/>
           </part>
           <part id="sa-17.5_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SA-17(05)(b)"/>
-            <link rel="depends-on" href="#sa-17.5_smt.b"/>
             <p>the developer of the system, system component, or system service is required to internally structure the security-relevant hardware, software, and firmware with specific regard for this mechanism.</p>
+            <link rel="depends-on" href="#sa-17.5_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sa-17.5_smt"/>
         </part>
         <part id="sa-17.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63933,8 +63933,8 @@
         </part>
         <part id="sa-17.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(06)"/>
-          <link rel="depends-on" href="#sa-17.6_smt"/>
           <p>the developer of the system, system component, or system service is required to structure security-relevant hardware, software, and firmware to facilitate testing.</p>
+          <link rel="depends-on" href="#sa-17.6_smt"/>
         </part>
         <part id="sa-17.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -63988,8 +63988,8 @@
         </part>
         <part id="sa-17.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(07)"/>
-          <link rel="depends-on" href="#sa-17.7_smt"/>
           <p>the developer of the system, system component, or system service is required to structure security-relevant hardware, software, and firmware to facilitate controlling access with least privilege.</p>
+          <link rel="depends-on" href="#sa-17.7_smt"/>
         </part>
         <part id="sa-17.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64055,8 +64055,8 @@
         </part>
         <part id="sa-17.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(08)"/>
-          <link rel="depends-on" href="#sa-17.8_smt"/>
           <p><insert type="param" id-ref="sa-17.08_odp.01"/> are designed with coordinated behavior to implement <insert type="param" id-ref="sa-17.08_odp.02"/>.</p>
+          <link rel="depends-on" href="#sa-17.8_smt"/>
         </part>
         <part id="sa-17.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64115,8 +64115,8 @@
         </part>
         <part id="sa-17.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-17(09)"/>
-          <link rel="depends-on" href="#sa-17.9_smt"/>
           <p>different designs are used for <insert type="param" id-ref="sa-17.09_odp"/> to satisfy a common set of requirements or to provide equivalent functionality.</p>
+          <link rel="depends-on" href="#sa-17.9_smt"/>
         </part>
         <part id="sa-17.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64240,8 +64240,8 @@
       </part>
       <part id="sa-20_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-20"/>
-        <link rel="depends-on" href="#sa-20_smt"/>
         <p><insert type="param" id-ref="sa-20_odp"/> are reimplemented or custom-developed.</p>
+        <link rel="depends-on" href="#sa-20_smt"/>
       </part>
       <part id="sa-20_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64331,17 +64331,17 @@
       </part>
       <part id="sa-21_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-21"/>
-        <link rel="depends-on" href="#sa-21_smt"/>
         <part id="sa-21_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-21a."/>
-          <link rel="depends-on" href="#sa-21_smt.a"/>
           <p>the developer of <insert type="param" id-ref="sa-21_odp.01"/> is required to have appropriate access authorizations as determined by assigned <insert type="param" id-ref="sa-21_odp.02"/>;</p>
+          <link rel="depends-on" href="#sa-21_smt.a"/>
         </part>
         <part id="sa-21_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-21b."/>
-          <link rel="depends-on" href="#sa-21_smt.b"/>
           <p>the developer of <insert type="param" id-ref="sa-21_odp.01"/> is required to satisfy <insert type="param" id-ref="sa-21_odp.03"/>.</p>
+          <link rel="depends-on" href="#sa-21_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sa-21_smt"/>
       </part>
       <part id="sa-21_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64429,17 +64429,17 @@
       </part>
       <part id="sa-22_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-22"/>
-        <link rel="depends-on" href="#sa-22_smt"/>
         <part id="sa-22_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-22a."/>
-          <link rel="depends-on" href="#sa-22_smt.a"/>
           <p>system components are replaced when support for the components is no longer available from the developer, vendor, or manufacturer;</p>
+          <link rel="depends-on" href="#sa-22_smt.a"/>
         </part>
         <part id="sa-22_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SA-22b."/>
-          <link rel="depends-on" href="#sa-22_smt.b"/>
           <p><insert type="param" id-ref="sa-22_odp.01"/> provide options for alternative sources for continued support for unsupported components.</p>
+          <link rel="depends-on" href="#sa-22_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sa-22_smt"/>
       </part>
       <part id="sa-22_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64517,8 +64517,8 @@
       </part>
       <part id="sa-23_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SA-23"/>
-        <link rel="depends-on" href="#sa-23_smt"/>
         <p><insert type="param" id-ref="sa-23_odp.01"/> is employed on <insert type="param" id-ref="sa-23_odp.02"/> supporting essential services or functions to increase the trustworthiness in those systems or components.</p>
+        <link rel="depends-on" href="#sa-23_smt"/>
       </part>
       <part id="sa-23_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64679,116 +64679,116 @@
       </part>
       <part id="sc-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-01"/>
-        <link rel="depends-on" href="#sc-1_smt"/>
         <part id="sc-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-01a."/>
-          <link rel="depends-on" href="#sc-1_smt.a"/>
           <part id="sc-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-01a.[01]"/>
-            <link rel="depends-on" href="#sc-1_smt.a"/>
             <p>a system and communications protection policy is developed and documented;</p>
+            <link rel="depends-on" href="#sc-1_smt.a"/>
           </part>
           <part id="sc-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-01a.[02]"/>
-            <link rel="depends-on" href="#sc-1_smt.a"/>
             <p>the system and communications protection policy is disseminated to <insert type="param" id-ref="sc-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#sc-1_smt.a"/>
           </part>
           <part id="sc-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-01a.[03]"/>
-            <link rel="depends-on" href="#sc-1_smt.a"/>
             <p>system and communications protection procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls are developed and documented;</p>
+            <link rel="depends-on" href="#sc-1_smt.a"/>
           </part>
           <part id="sc-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-01a.[04]"/>
-            <link rel="depends-on" href="#sc-1_smt.a"/>
             <p>the system and communications protection procedures are disseminated to <insert type="param" id-ref="sc-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#sc-1_smt.a"/>
           </part>
           <part id="sc-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-01a.01"/>
-            <link rel="depends-on" href="#sc-1_smt.a.1"/>
             <part id="sc-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-01a.01(a)"/>
-              <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               <part id="sc-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SC-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy addresses purpose;</p>
+                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               </part>
               <part id="sc-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SC-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy addresses scope;</p>
+                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               </part>
               <part id="sc-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SC-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy addresses roles;</p>
+                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               </part>
               <part id="sc-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SC-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               </part>
               <part id="sc-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SC-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy addresses management commitment;</p>
+                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               </part>
               <part id="sc-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SC-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               </part>
               <part id="sc-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SC-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy addresses compliance;</p>
+                <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#sc-1_smt.a.1.a"/>
             </part>
             <part id="sc-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-01a.01(b)"/>
-              <link rel="depends-on" href="#sc-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="sc-01_odp.03"/> system and communications protection policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#sc-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#sc-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#sc-1_smt.a"/>
         </part>
         <part id="sc-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-01b."/>
-          <link rel="depends-on" href="#sc-1_smt.b"/>
           <p>the <insert type="param" id-ref="sc-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the system and communications protection policy and procedures;</p>
+          <link rel="depends-on" href="#sc-1_smt.b"/>
         </part>
         <part id="sc-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-01c."/>
-          <link rel="depends-on" href="#sc-1_smt.c"/>
           <part id="sc-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-01c.01"/>
-            <link rel="depends-on" href="#sc-1_smt.c.1"/>
             <part id="sc-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-01c.01[01]"/>
-              <link rel="depends-on" href="#sc-1_smt.c.1"/>
               <p>the current system and communications protection policy is reviewed and updated <insert type="param" id-ref="sc-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#sc-1_smt.c.1"/>
             </part>
             <part id="sc-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-01c.01[02]"/>
-              <link rel="depends-on" href="#sc-1_smt.c.1"/>
               <p>the current system and communications protection policy is reviewed and updated following <insert type="param" id-ref="sc-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#sc-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#sc-1_smt.c.1"/>
           </part>
           <part id="sc-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-01c.02"/>
-            <link rel="depends-on" href="#sc-1_smt.c.2"/>
             <part id="sc-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-01c.02[01]"/>
-              <link rel="depends-on" href="#sc-1_smt.c.2"/>
               <p>the current system and communications protection procedures are reviewed and updated <insert type="param" id-ref="sc-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#sc-1_smt.c.2"/>
             </part>
             <part id="sc-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-01c.02[02]"/>
-              <link rel="depends-on" href="#sc-1_smt.c.2"/>
               <p>the current system and communications protection procedures are reviewed and updated following <insert type="param" id-ref="sc-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#sc-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#sc-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#sc-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sc-1_smt"/>
       </part>
       <part id="sc-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64835,8 +64835,8 @@
       </part>
       <part id="sc-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-02"/>
-        <link rel="depends-on" href="#sc-2_smt"/>
         <p>user functionality, including user interface services, is separated from system management functionality.</p>
+        <link rel="depends-on" href="#sc-2_smt"/>
       </part>
       <part id="sc-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64884,8 +64884,8 @@
         </part>
         <part id="sc-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-02(01)"/>
-          <link rel="depends-on" href="#sc-2.1_smt"/>
           <p>the presentation of system management functionality is prevented at interfaces to non-privileged users.</p>
+          <link rel="depends-on" href="#sc-2.1_smt"/>
         </part>
         <part id="sc-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64934,8 +64934,8 @@
         </part>
         <part id="sc-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-02(02)"/>
-          <link rel="depends-on" href="#sc-2.2_smt"/>
           <p>state information is stored separately from applications and software.</p>
+          <link rel="depends-on" href="#sc-2.2_smt"/>
         </part>
         <part id="sc-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -64999,8 +64999,8 @@
       </part>
       <part id="sc-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-03"/>
-        <link rel="depends-on" href="#sc-3_smt"/>
         <p>security functions are isolated from non-security functions.</p>
+        <link rel="depends-on" href="#sc-3_smt"/>
       </part>
       <part id="sc-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65048,8 +65048,8 @@
         </part>
         <part id="sc-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-03(01)"/>
-          <link rel="depends-on" href="#sc-3.1_smt"/>
           <p>hardware separation mechanisms are employed to implement security function isolation.</p>
+          <link rel="depends-on" href="#sc-3.1_smt"/>
         </part>
         <part id="sc-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65098,27 +65098,27 @@
         </part>
         <part id="sc-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-03(02)"/>
-          <link rel="depends-on" href="#sc-3.2_smt"/>
           <part id="sc-3.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-03(02)[01]"/>
-            <link rel="depends-on" href="#sc-3.2_smt"/>
             <p>security functions enforcing access control are isolated from non-security functions;</p>
+            <link rel="depends-on" href="#sc-3.2_smt"/>
           </part>
           <part id="sc-3.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-03(02)[02]"/>
-            <link rel="depends-on" href="#sc-3.2_smt"/>
             <p>security functions enforcing access control are isolated from other security functions;</p>
+            <link rel="depends-on" href="#sc-3.2_smt"/>
           </part>
           <part id="sc-3.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-03(02)[03]"/>
-            <link rel="depends-on" href="#sc-3.2_smt"/>
             <p>security functions enforcing information flow control are isolated from non-security functions;</p>
+            <link rel="depends-on" href="#sc-3.2_smt"/>
           </part>
           <part id="sc-3.2_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-03(02)[04]"/>
-            <link rel="depends-on" href="#sc-3.2_smt"/>
             <p>security functions enforcing information flow control are isolated from other security functions.</p>
+            <link rel="depends-on" href="#sc-3.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-3.2_smt"/>
         </part>
         <part id="sc-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65167,8 +65167,8 @@
         </part>
         <part id="sc-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-03(03)"/>
-          <link rel="depends-on" href="#sc-3.3_smt"/>
           <p>the number of non-security functions included within the isolation boundary containing security functions is minimized.</p>
+          <link rel="depends-on" href="#sc-3.3_smt"/>
         </part>
         <part id="sc-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65216,17 +65216,17 @@
         </part>
         <part id="sc-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-03(04)"/>
-          <link rel="depends-on" href="#sc-3.4_smt"/>
           <part id="sc-3.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-03(04)[01]"/>
-            <link rel="depends-on" href="#sc-3.4_smt"/>
             <p>security functions are implemented as largely independent modules that maximize internal cohesiveness within modules;</p>
+            <link rel="depends-on" href="#sc-3.4_smt"/>
           </part>
           <part id="sc-3.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-03(04)[02]"/>
-            <link rel="depends-on" href="#sc-3.4_smt"/>
             <p>security functions are implemented as largely independent modules that minimize coupling between modules.</p>
+            <link rel="depends-on" href="#sc-3.4_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-3.4_smt"/>
         </part>
         <part id="sc-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65275,8 +65275,8 @@
         </part>
         <part id="sc-3.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-03(05)"/>
-          <link rel="depends-on" href="#sc-3.5_smt"/>
           <p>security functions are implemented as a layered structure, minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.</p>
+          <link rel="depends-on" href="#sc-3.5_smt"/>
         </part>
         <part id="sc-3.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65326,17 +65326,17 @@
       </part>
       <part id="sc-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-04"/>
-        <link rel="depends-on" href="#sc-4_smt"/>
         <part id="sc-4_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-04[01]"/>
-          <link rel="depends-on" href="#sc-4_smt"/>
           <p>unauthorized information transfer via shared system resources is prevented;</p>
+          <link rel="depends-on" href="#sc-4_smt"/>
         </part>
         <part id="sc-4_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-04[02]"/>
-          <link rel="depends-on" href="#sc-4_smt"/>
           <p>unintended information transfer via shared system resources is prevented.</p>
+          <link rel="depends-on" href="#sc-4_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-4_smt"/>
       </part>
       <part id="sc-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65398,8 +65398,8 @@
         </part>
         <part id="sc-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-04(02)"/>
-          <link rel="depends-on" href="#sc-4.2_smt"/>
           <p>unauthorized information transfer via shared resources is prevented in accordance with <insert type="param" id-ref="sc-04.02_odp"/> when system processing explicitly switches between different information classification levels or security categories.</p>
+          <link rel="depends-on" href="#sc-4.2_smt"/>
         </part>
         <part id="sc-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65483,17 +65483,17 @@
       </part>
       <part id="sc-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-05"/>
-        <link rel="depends-on" href="#sc-5_smt"/>
         <part id="sc-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-05a."/>
-          <link rel="depends-on" href="#sc-5_smt.a"/>
           <p>the effects of <insert type="param" id-ref="sc-05_odp.01"/> are <insert type="param" id-ref="sc-05_odp.02"/>;</p>
+          <link rel="depends-on" href="#sc-5_smt.a"/>
         </part>
         <part id="sc-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-05b."/>
-          <link rel="depends-on" href="#sc-5_smt.b"/>
           <p><insert type="param" id-ref="sc-05_odp.03"/> are employed to achieve the denial-of-service protection objective.</p>
+          <link rel="depends-on" href="#sc-5_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-5_smt"/>
       </part>
       <part id="sc-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65550,8 +65550,8 @@
         </part>
         <part id="sc-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-05(01)"/>
-          <link rel="depends-on" href="#sc-5.1_smt"/>
           <p>the ability of individuals to launch <insert type="param" id-ref="sc-05.01_odp"/> against other systems is restricted.</p>
+          <link rel="depends-on" href="#sc-5.1_smt"/>
         </part>
         <part id="sc-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65600,8 +65600,8 @@
         </part>
         <part id="sc-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-05(02)"/>
-          <link rel="depends-on" href="#sc-5.2_smt"/>
           <p>capacity, bandwidth, or other redundancies to limit the effects of information flooding denial-of-service attacks are managed.</p>
+          <link rel="depends-on" href="#sc-5.2_smt"/>
         </part>
         <part id="sc-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65674,17 +65674,17 @@
         </part>
         <part id="sc-5.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-05(03)"/>
-          <link rel="depends-on" href="#sc-5.3_smt"/>
           <part id="sc-5.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-05(03)(a)"/>
-            <link rel="depends-on" href="#sc-5.3_smt.a"/>
             <p><insert type="param" id-ref="sc-05.03_odp.01"/> are employed to detect indicators of denial-of-service attacks against or launched from the system;</p>
+            <link rel="depends-on" href="#sc-5.3_smt.a"/>
           </part>
           <part id="sc-5.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-05(03)(b)"/>
-            <link rel="depends-on" href="#sc-5.3_smt.b"/>
             <p><insert type="param" id-ref="sc-05.03_odp.02"/> are monitored to determine if sufficient resources exist to prevent effective denial-of-service attacks.</p>
+            <link rel="depends-on" href="#sc-5.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-5.3_smt"/>
         </part>
         <part id="sc-5.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65761,8 +65761,8 @@
       </part>
       <part id="sc-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-06"/>
-        <link rel="depends-on" href="#sc-6_smt"/>
         <p>the availability of resources is protected by allocating <insert type="param" id-ref="sc-06_odp.01"/> by <insert type="param" id-ref="sc-06_odp.02"/>.</p>
+        <link rel="depends-on" href="#sc-6_smt"/>
       </part>
       <part id="sc-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65859,41 +65859,41 @@
       </part>
       <part id="sc-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-07"/>
-        <link rel="depends-on" href="#sc-7_smt"/>
         <part id="sc-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07a."/>
-          <link rel="depends-on" href="#sc-7_smt.a"/>
           <part id="sc-7_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07a.[01]"/>
-            <link rel="depends-on" href="#sc-7_smt.a"/>
             <p>communications at external managed interfaces to the system are monitored;</p>
+            <link rel="depends-on" href="#sc-7_smt.a"/>
           </part>
           <part id="sc-7_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07a.[02]"/>
-            <link rel="depends-on" href="#sc-7_smt.a"/>
             <p>communications at external managed interfaces to the system are controlled;</p>
+            <link rel="depends-on" href="#sc-7_smt.a"/>
           </part>
           <part id="sc-7_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07a.[03]"/>
-            <link rel="depends-on" href="#sc-7_smt.a"/>
             <p>communications at key internal managed interfaces within the system are monitored;</p>
+            <link rel="depends-on" href="#sc-7_smt.a"/>
           </part>
           <part id="sc-7_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07a.[04]"/>
-            <link rel="depends-on" href="#sc-7_smt.a"/>
             <p>communications at key internal managed interfaces within the system are controlled;</p>
+            <link rel="depends-on" href="#sc-7_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sc-7_smt.a"/>
         </part>
         <part id="sc-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07b."/>
-          <link rel="depends-on" href="#sc-7_smt.b"/>
           <p>subnetworks for publicly accessible system components are <insert type="param" id-ref="sc-07_odp"/> separated from internal organizational networks;</p>
+          <link rel="depends-on" href="#sc-7_smt.b"/>
         </part>
         <part id="sc-7_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07c."/>
-          <link rel="depends-on" href="#sc-7_smt.c"/>
           <p>external networks or systems are only connected to through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security and privacy architecture.</p>
+          <link rel="depends-on" href="#sc-7_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sc-7_smt"/>
       </part>
       <part id="sc-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -65959,8 +65959,8 @@
         </part>
         <part id="sc-7.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(03)"/>
-          <link rel="depends-on" href="#sc-7.3_smt"/>
           <p>the number of external network connections to the system is limited.</p>
+          <link rel="depends-on" href="#sc-7.3_smt"/>
         </part>
         <part id="sc-7.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66055,65 +66055,65 @@
         </part>
         <part id="sc-7.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(04)"/>
-          <link rel="depends-on" href="#sc-7.4_smt"/>
           <part id="sc-7.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(a)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.a"/>
             <p>a managed interface is implemented for each external telecommunication service;</p>
+            <link rel="depends-on" href="#sc-7.4_smt.a"/>
           </part>
           <part id="sc-7.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(b)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.b"/>
             <p>a traffic flow policy is established for each managed interface;</p>
+            <link rel="depends-on" href="#sc-7.4_smt.b"/>
           </part>
           <part id="sc-7.4_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(c)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.c"/>
             <part id="sc-7.4_obj.c-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(04)(c)[01]"/>
-              <link rel="depends-on" href="#sc-7.4_smt.c"/>
               <p>the confidentiality of the information being transmitted across each interface is protected;</p>
+              <link rel="depends-on" href="#sc-7.4_smt.c"/>
             </part>
             <part id="sc-7.4_obj.c-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(04)(c)[02]"/>
-              <link rel="depends-on" href="#sc-7.4_smt.c"/>
               <p>the integrity of the information being transmitted across each interface is protected;</p>
+              <link rel="depends-on" href="#sc-7.4_smt.c"/>
             </part>
+            <link rel="depends-on" href="#sc-7.4_smt.c"/>
           </part>
           <part id="sc-7.4_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(d)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.d"/>
             <p>each exception to the traffic flow policy is documented with a supporting mission or business need and duration of that need;</p>
+            <link rel="depends-on" href="#sc-7.4_smt.d"/>
           </part>
           <part id="sc-7.4_obj.e" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(e)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.e"/>
             <part id="sc-7.4_obj.e-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(04)(e)[01]"/>
-              <link rel="depends-on" href="#sc-7.4_smt.e"/>
               <p>exceptions to the traffic flow policy are reviewed <insert type="param" id-ref="sc-07.04_odp"/>;</p>
+              <link rel="depends-on" href="#sc-7.4_smt.e"/>
             </part>
             <part id="sc-7.4_obj.e-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(04)(e)[02]"/>
-              <link rel="depends-on" href="#sc-7.4_smt.e"/>
               <p>exceptions to the traffic flow policy that are no longer supported by an explicit mission or business need are removed;</p>
+              <link rel="depends-on" href="#sc-7.4_smt.e"/>
             </part>
+            <link rel="depends-on" href="#sc-7.4_smt.e"/>
           </part>
           <part id="sc-7.4_obj.f" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(f)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.f"/>
             <p>unauthorized exchanges of control plan traffic with external networks are prevented;</p>
+            <link rel="depends-on" href="#sc-7.4_smt.f"/>
           </part>
           <part id="sc-7.4_obj.g" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(g)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.g"/>
             <p>information is published to enable remote networks to detect unauthorized control plane traffic from internal networks;</p>
+            <link rel="depends-on" href="#sc-7.4_smt.g"/>
           </part>
           <part id="sc-7.4_obj.h" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(04)(h)"/>
-            <link rel="depends-on" href="#sc-7.4_smt.h"/>
             <p>unauthorized control plane traffic is filtered from external networks.</p>
+            <link rel="depends-on" href="#sc-7.4_smt.h"/>
           </part>
+          <link rel="depends-on" href="#sc-7.4_smt"/>
         </part>
         <part id="sc-7.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66185,17 +66185,17 @@
         </part>
         <part id="sc-7.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(05)"/>
-          <link rel="depends-on" href="#sc-7.5_smt"/>
           <part id="sc-7.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(05)[01]"/>
-            <link rel="depends-on" href="#sc-7.5_smt"/>
             <p>network communications traffic is denied by default <insert type="param" id-ref="sc-07.05_odp.01"/>;</p>
+            <link rel="depends-on" href="#sc-7.5_smt"/>
           </part>
           <part id="sc-7.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(05)[02]"/>
-            <link rel="depends-on" href="#sc-7.5_smt"/>
             <p>network communications traffic is allowed by exception <insert type="param" id-ref="sc-07.05_odp.01"/>.</p>
+            <link rel="depends-on" href="#sc-7.5_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-7.5_smt"/>
         </part>
         <part id="sc-7.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66259,8 +66259,8 @@
         </part>
         <part id="sc-7.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(07)"/>
-          <link rel="depends-on" href="#sc-7.7_smt"/>
           <p>split tunneling is prevented for remote devices connecting to organizational systems unless the split tunnel is securely provisioned using <insert type="param" id-ref="sc-07.07_odp"/>.</p>
+          <link rel="depends-on" href="#sc-7.7_smt"/>
         </part>
         <part id="sc-7.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66328,8 +66328,8 @@
         </part>
         <part id="sc-7.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(08)"/>
-          <link rel="depends-on" href="#sc-7.8_smt"/>
           <p><insert type="param" id-ref="sc-07.08_odp.01"/> is routed to <insert type="param" id-ref="sc-07.08_odp.02"/> through authenticated proxy servers at managed interfaces.</p>
+          <link rel="depends-on" href="#sc-7.8_smt"/>
         </part>
         <part id="sc-7.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66393,26 +66393,26 @@
         </part>
         <part id="sc-7.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(09)"/>
-          <link rel="depends-on" href="#sc-7.9_smt"/>
           <part id="sc-7.9_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(09)(a)"/>
-            <link rel="depends-on" href="#sc-7.9_smt.a"/>
             <part id="sc-7.9_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(09)(a)[01]"/>
-              <link rel="depends-on" href="#sc-7.9_smt.a"/>
               <p>outgoing communications traffic posing a threat to external systems is detected;</p>
+              <link rel="depends-on" href="#sc-7.9_smt.a"/>
             </part>
             <part id="sc-7.9_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(09)(a)[02]"/>
-              <link rel="depends-on" href="#sc-7.9_smt.a"/>
               <p>outgoing communications traffic posing a threat to external systems is denied;</p>
+              <link rel="depends-on" href="#sc-7.9_smt.a"/>
             </part>
+            <link rel="depends-on" href="#sc-7.9_smt.a"/>
           </part>
           <part id="sc-7.9_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(09)(b)"/>
-            <link rel="depends-on" href="#sc-7.9_smt.b"/>
             <p>the identity of internal users associated with denied communications is audited.</p>
+            <link rel="depends-on" href="#sc-7.9_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-7.9_smt"/>
         </part>
         <part id="sc-7.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66482,17 +66482,17 @@
         </part>
         <part id="sc-7.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(10)"/>
-          <link rel="depends-on" href="#sc-7.10_smt"/>
           <part id="sc-7.10_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(10)(a)"/>
-            <link rel="depends-on" href="#sc-7.10_smt.a"/>
             <p>the exfiltration of information is prevented;</p>
+            <link rel="depends-on" href="#sc-7.10_smt.a"/>
           </part>
           <part id="sc-7.10_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(10)(b)"/>
-            <link rel="depends-on" href="#sc-7.10_smt.b"/>
             <p>exfiltration tests are conducted <insert type="param" id-ref="sc-07.10_odp"/>.</p>
+            <link rel="depends-on" href="#sc-7.10_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-7.10_smt"/>
         </part>
         <part id="sc-7.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66556,8 +66556,8 @@
         </part>
         <part id="sc-7.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(11)"/>
-          <link rel="depends-on" href="#sc-7.11_smt"/>
           <p>only incoming communications from <insert type="param" id-ref="sc-07.11_odp.01"/> are allowed to be routed to <insert type="param" id-ref="sc-07.11_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-7.11_smt"/>
         </part>
         <part id="sc-7.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66621,8 +66621,8 @@
         </part>
         <part id="sc-7.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(12)"/>
-          <link rel="depends-on" href="#sc-7.12_smt"/>
           <p><insert type="param" id-ref="sc-07.12_odp.01"/> are implemented at <insert type="param" id-ref="sc-07.12_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-7.12_smt"/>
         </part>
         <part id="sc-7.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66681,8 +66681,8 @@
         </part>
         <part id="sc-7.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(13)"/>
-          <link rel="depends-on" href="#sc-7.13_smt"/>
           <p><insert type="param" id-ref="sc-07.13_odp"/> are isolated from other internal system components by implementing physically separate subnetworks with managed interfaces to other components of the system.</p>
+          <link rel="depends-on" href="#sc-7.13_smt"/>
         </part>
         <part id="sc-7.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66742,8 +66742,8 @@
         </part>
         <part id="sc-7.14_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(14)"/>
-          <link rel="depends-on" href="#sc-7.14_smt"/>
           <p><insert type="param" id-ref="sc-07.14_odp"/> are protected against unauthorized physical connections.</p>
+          <link rel="depends-on" href="#sc-7.14_smt"/>
         </part>
         <part id="sc-7.14_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66795,17 +66795,17 @@
         </part>
         <part id="sc-7.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(15)"/>
-          <link rel="depends-on" href="#sc-7.15_smt"/>
           <part id="sc-7.15_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(15)[01]"/>
-            <link rel="depends-on" href="#sc-7.15_smt"/>
             <p>networked, privileged accesses are routed through a dedicated, managed interface for purposes of access control;</p>
+            <link rel="depends-on" href="#sc-7.15_smt"/>
           </part>
           <part id="sc-7.15_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(15)[02]"/>
-            <link rel="depends-on" href="#sc-7.15_smt"/>
             <p>networked, privileged accesses are routed through a dedicated, managed interface for purposes of auditing.</p>
+            <link rel="depends-on" href="#sc-7.15_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-7.15_smt"/>
         </part>
         <part id="sc-7.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66855,8 +66855,8 @@
         </part>
         <part id="sc-7.16_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(16)"/>
-          <link rel="depends-on" href="#sc-7.16_smt"/>
           <p>the discovery of specific system components that represent a managed interface is prevented.</p>
+          <link rel="depends-on" href="#sc-7.16_smt"/>
         </part>
         <part id="sc-7.16_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66907,8 +66907,8 @@
         </part>
         <part id="sc-7.17_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(17)"/>
-          <link rel="depends-on" href="#sc-7.17_smt"/>
           <p>adherence to protocol formats is enforced.</p>
+          <link rel="depends-on" href="#sc-7.17_smt"/>
         </part>
         <part id="sc-7.17_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -66961,8 +66961,8 @@
         </part>
         <part id="sc-7.18_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(18)"/>
-          <link rel="depends-on" href="#sc-7.18_smt"/>
           <p>systems are prevented from entering unsecure states in the event of an operational failure of a boundary protection device.</p>
+          <link rel="depends-on" href="#sc-7.18_smt"/>
         </part>
         <part id="sc-7.18_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67019,17 +67019,17 @@
         </part>
         <part id="sc-7.19_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(19)"/>
-          <link rel="depends-on" href="#sc-7.19_smt"/>
           <part id="sc-7.19_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(19)[01]"/>
-            <link rel="depends-on" href="#sc-7.19_smt"/>
             <p>inbound communications traffic is blocked between <insert type="param" id-ref="sc-07.19_odp"/> that are independently configured by end users and external service providers;</p>
+            <link rel="depends-on" href="#sc-7.19_smt"/>
           </part>
           <part id="sc-7.19_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(19)[02]"/>
-            <link rel="depends-on" href="#sc-7.19_smt"/>
             <p>outbound communications traffic is blocked between <insert type="param" id-ref="sc-07.19_odp"/> that are independently configured by end users and external service providers.</p>
+            <link rel="depends-on" href="#sc-7.19_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-7.19_smt"/>
         </part>
         <part id="sc-7.19_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67087,8 +67087,8 @@
         </part>
         <part id="sc-7.20_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(20)"/>
-          <link rel="depends-on" href="#sc-7.20_smt"/>
           <p>the capability to dynamically isolate <insert type="param" id-ref="sc-07.20_odp"/> from other system components is provided.</p>
+          <link rel="depends-on" href="#sc-7.20_smt"/>
         </part>
         <part id="sc-7.20_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67158,8 +67158,8 @@
         </part>
         <part id="sc-7.21_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(21)"/>
-          <link rel="depends-on" href="#sc-7.21_smt"/>
           <p>boundary protection mechanisms are employed to isolate <insert type="param" id-ref="sc-07.21_odp.01"/> supporting <insert type="param" id-ref="sc-07.21_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-7.21_smt"/>
         </part>
         <part id="sc-7.21_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67210,8 +67210,8 @@
         </part>
         <part id="sc-7.22_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(22)"/>
-          <link rel="depends-on" href="#sc-7.22_smt"/>
           <p>separate network addresses are implemented to connect to systems in different security domains.</p>
+          <link rel="depends-on" href="#sc-7.22_smt"/>
         </part>
         <part id="sc-7.22_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67261,8 +67261,8 @@
         </part>
         <part id="sc-7.23_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(23)"/>
-          <link rel="depends-on" href="#sc-7.23_smt"/>
           <p>feedback to senders is disabled on protocol format validation failure.</p>
+          <link rel="depends-on" href="#sc-7.23_smt"/>
         </part>
         <part id="sc-7.23_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67339,45 +67339,45 @@
         </part>
         <part id="sc-7.24_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(24)"/>
-          <link rel="depends-on" href="#sc-7.24_smt"/>
           <part id="sc-7.24_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(24)(a)"/>
-            <link rel="depends-on" href="#sc-7.24_smt.a"/>
             <p><insert type="param" id-ref="sc-07.24_odp"/> are applied to data elements of personally identifiable information on systems that process personally identifiable information;</p>
+            <link rel="depends-on" href="#sc-7.24_smt.a"/>
           </part>
           <part id="sc-7.24_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(24)(b)"/>
-            <link rel="depends-on" href="#sc-7.24_smt.b"/>
             <part id="sc-7.24_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(24)(b)[01]"/>
-              <link rel="depends-on" href="#sc-7.24_smt.b"/>
               <p>permitted processing is monitored at the external interfaces to the systems that process personally identifiable information;</p>
+              <link rel="depends-on" href="#sc-7.24_smt.b"/>
             </part>
             <part id="sc-7.24_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(24)(b)[02]"/>
-              <link rel="depends-on" href="#sc-7.24_smt.b"/>
               <p>permitted processing is monitored at key internal boundaries within the systems that process personally identifiable information;</p>
+              <link rel="depends-on" href="#sc-7.24_smt.b"/>
             </part>
+            <link rel="depends-on" href="#sc-7.24_smt.b"/>
           </part>
           <part id="sc-7.24_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(24)(c)"/>
-            <link rel="depends-on" href="#sc-7.24_smt.c"/>
             <p>each processing exception is documented for systems that process personally identifiable information;</p>
+            <link rel="depends-on" href="#sc-7.24_smt.c"/>
           </part>
           <part id="sc-7.24_obj.d" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-07(24)(d)"/>
-            <link rel="depends-on" href="#sc-7.24_smt.d"/>
             <part id="sc-7.24_obj.d-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(24)(d)[01]"/>
-              <link rel="depends-on" href="#sc-7.24_smt.d"/>
               <p>exceptions for systems that process personally identifiable information are reviewed;</p>
+              <link rel="depends-on" href="#sc-7.24_smt.d"/>
             </part>
             <part id="sc-7.24_obj.d-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SC-07(24)(d)[02]"/>
-              <link rel="depends-on" href="#sc-7.24_smt.d"/>
               <p>exceptions for systems that process personally identifiable information that are no longer supported are removed.</p>
+              <link rel="depends-on" href="#sc-7.24_smt.d"/>
             </part>
+            <link rel="depends-on" href="#sc-7.24_smt.d"/>
           </part>
+          <link rel="depends-on" href="#sc-7.24_smt"/>
         </part>
         <part id="sc-7.24_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67447,8 +67447,8 @@
         </part>
         <part id="sc-7.25_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(25)"/>
-          <link rel="depends-on" href="#sc-7.25_smt"/>
           <p>the direct connection of <insert type="param" id-ref="sc-07.25_odp.01"/> to an external network without the use of <insert type="param" id-ref="sc-07.25_odp.02"/> is prohibited.</p>
+          <link rel="depends-on" href="#sc-7.25_smt"/>
         </part>
         <part id="sc-7.25_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67506,8 +67506,8 @@
         </part>
         <part id="sc-7.26_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(26)"/>
-          <link rel="depends-on" href="#sc-7.26_smt"/>
           <p>the direct connection of classified national security system to an external network without the use of a <insert type="param" id-ref="sc-07.26_odp"/> is prohibited.</p>
+          <link rel="depends-on" href="#sc-7.26_smt"/>
         </part>
         <part id="sc-7.26_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67574,8 +67574,8 @@
         </part>
         <part id="sc-7.27_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(27)"/>
-          <link rel="depends-on" href="#sc-7.27_smt"/>
           <p>the direct connection of <insert type="param" id-ref="sc-07.27_odp.01"/> to an external network without the use of a <insert type="param" id-ref="sc-07.27_odp.02"/> is prohibited.</p>
+          <link rel="depends-on" href="#sc-7.27_smt"/>
         </part>
         <part id="sc-7.27_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67633,8 +67633,8 @@
         </part>
         <part id="sc-7.28_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(28)"/>
-          <link rel="depends-on" href="#sc-7.28_smt"/>
           <p>the direct connection of the <insert type="param" id-ref="sc-07.28_odp"/> to a public network is prohibited.</p>
+          <link rel="depends-on" href="#sc-7.28_smt"/>
         </part>
         <part id="sc-7.28_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67700,8 +67700,8 @@
         </part>
         <part id="sc-7.29_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-07(29)"/>
-          <link rel="depends-on" href="#sc-7.29_smt"/>
           <p>subnetworks are separated <insert type="param" id-ref="sc-07.29_odp.01"/> to isolate <insert type="param" id-ref="sc-07.29_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-7.29_smt"/>
         </part>
         <part id="sc-7.29_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67784,8 +67784,8 @@
       </part>
       <part id="sc-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-08"/>
-        <link rel="depends-on" href="#sc-8_smt"/>
         <p>the <insert type="param" id-ref="sc-08_odp"/> of transmitted information is/are protected.</p>
+        <link rel="depends-on" href="#sc-8_smt"/>
       </part>
       <part id="sc-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67841,8 +67841,8 @@
         </part>
         <part id="sc-8.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-08(01)"/>
-          <link rel="depends-on" href="#sc-8.1_smt"/>
           <p>cryptographic mechanisms are implemented to <insert type="param" id-ref="sc-08.01_odp"/> during transmission.</p>
+          <link rel="depends-on" href="#sc-8.1_smt"/>
         </part>
         <part id="sc-8.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67899,17 +67899,17 @@
         </part>
         <part id="sc-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-08(02)"/>
-          <link rel="depends-on" href="#sc-8.2_smt"/>
           <part id="sc-8.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-08(02)[01]"/>
-            <link rel="depends-on" href="#sc-8.2_smt"/>
             <p>information <insert type="param" id-ref="sc-08.02_odp"/> is/are maintained during preparation for transmission;</p>
+            <link rel="depends-on" href="#sc-8.2_smt"/>
           </part>
           <part id="sc-8.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-08(02)[02]"/>
-            <link rel="depends-on" href="#sc-8.2_smt"/>
             <p>information <insert type="param" id-ref="sc-08.02_odp"/> is/are maintained during reception.</p>
+            <link rel="depends-on" href="#sc-8.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-8.2_smt"/>
         </part>
         <part id="sc-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -67966,8 +67966,8 @@
         </part>
         <part id="sc-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-08(03)"/>
-          <link rel="depends-on" href="#sc-8.3_smt"/>
           <p>cryptographic mechanisms are implemented to protect message externals unless otherwise protected by <insert type="param" id-ref="sc-08.03_odp"/>.</p>
+          <link rel="depends-on" href="#sc-8.3_smt"/>
         </part>
         <part id="sc-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68026,8 +68026,8 @@
         </part>
         <part id="sc-8.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-08(04)"/>
-          <link rel="depends-on" href="#sc-8.4_smt"/>
           <p>cryptographic mechanisms are implemented to conceal or randomize communication patterns unless otherwise protected by <insert type="param" id-ref="sc-08.04_odp"/>.</p>
+          <link rel="depends-on" href="#sc-8.4_smt"/>
         </part>
         <part id="sc-8.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68092,8 +68092,8 @@
         </part>
         <part id="sc-8.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-08(05)"/>
-          <link rel="depends-on" href="#sc-8.5_smt"/>
           <p>the <insert type="param" id-ref="sc-08.05_odp.01"/> is implemented to <insert type="param" id-ref="sc-08.05_odp.02"/> during transmission.</p>
+          <link rel="depends-on" href="#sc-8.5_smt"/>
         </part>
         <part id="sc-8.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68159,8 +68159,8 @@
       </part>
       <part id="sc-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-10"/>
-        <link rel="depends-on" href="#sc-10_smt"/>
         <p>the network connection associated with a communication session is terminated at the end of the session or after <insert type="param" id-ref="sc-10_odp"/> of inactivity.</p>
+        <link rel="depends-on" href="#sc-10_smt"/>
       </part>
       <part id="sc-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68236,17 +68236,17 @@
       </part>
       <part id="sc-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-11"/>
-        <link rel="depends-on" href="#sc-11_smt"/>
         <part id="sc-11_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-11a."/>
-          <link rel="depends-on" href="#sc-11_smt.a"/>
           <p>a <insert type="param" id-ref="sc-11_odp.01"/> isolated trusted communication path is provided for communications between the user and the trusted components of the system;</p>
+          <link rel="depends-on" href="#sc-11_smt.a"/>
         </part>
         <part id="sc-11_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-11b."/>
-          <link rel="depends-on" href="#sc-11_smt.b"/>
           <p>users are permitted to invoke the trusted communication path for communications between the user and the <insert type="param" id-ref="sc-11_odp.02"/> of the system, including authentication and re-authentication, at a minimum.</p>
+          <link rel="depends-on" href="#sc-11_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-11_smt"/>
       </part>
       <part id="sc-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68310,17 +68310,17 @@
         </part>
         <part id="sc-11.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-11(01)"/>
-          <link rel="depends-on" href="#sc-11.1_smt"/>
           <part id="sc-11.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-11(01)(a)"/>
-            <link rel="depends-on" href="#sc-11.1_smt.a"/>
             <p>a trusted communication path that is irrefutably distinguishable from other communication paths is provided;</p>
+            <link rel="depends-on" href="#sc-11.1_smt.a"/>
           </part>
           <part id="sc-11.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-11(01)(b)"/>
-            <link rel="depends-on" href="#sc-11.1_smt.b"/>
             <p>the trusted communication path for communications between the <insert type="param" id-ref="sc-11.01_odp"/> of the system and the user is initiated.</p>
+            <link rel="depends-on" href="#sc-11.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-11.1_smt"/>
         </part>
         <part id="sc-11.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68408,17 +68408,17 @@
       </part>
       <part id="sc-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-12"/>
-        <link rel="depends-on" href="#sc-12_smt"/>
         <part id="sc-12_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-12[01]"/>
-          <link rel="depends-on" href="#sc-12_smt"/>
           <p>cryptographic keys are established when cryptography is employed within the system in accordance with <insert type="param" id-ref="sc-12_odp"/>;</p>
+          <link rel="depends-on" href="#sc-12_smt"/>
         </part>
         <part id="sc-12_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-12[02]"/>
-          <link rel="depends-on" href="#sc-12_smt"/>
           <p>cryptographic keys are managed when cryptography is employed within the system in accordance with <insert type="param" id-ref="sc-12_odp"/>.</p>
+          <link rel="depends-on" href="#sc-12_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-12_smt"/>
       </part>
       <part id="sc-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68466,8 +68466,8 @@
         </part>
         <part id="sc-12.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-12(01)"/>
-          <link rel="depends-on" href="#sc-12.1_smt"/>
           <p>information availability is maintained in the event of the loss of cryptographic keys by users.</p>
+          <link rel="depends-on" href="#sc-12.1_smt"/>
         </part>
         <part id="sc-12.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68523,22 +68523,22 @@
         </part>
         <part id="sc-12.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-12(02)"/>
-          <link rel="depends-on" href="#sc-12.2_smt"/>
           <part id="sc-12.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-12(02)[01]"/>
-            <link rel="depends-on" href="#sc-12.2_smt"/>
             <p>symmetric cryptographic keys are produced using <insert type="param" id-ref="sc-12.02_odp"/> key management technology and processes;</p>
+            <link rel="depends-on" href="#sc-12.2_smt"/>
           </part>
           <part id="sc-12.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-12(02)[02]"/>
-            <link rel="depends-on" href="#sc-12.2_smt"/>
             <p>symmetric cryptographic keys are controlled using <insert type="param" id-ref="sc-12.02_odp"/> key management technology and processes;</p>
+            <link rel="depends-on" href="#sc-12.2_smt"/>
           </part>
           <part id="sc-12.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-12(02)[03]"/>
-            <link rel="depends-on" href="#sc-12.2_smt"/>
             <p>symmetric cryptographic keys are distributed using <insert type="param" id-ref="sc-12.02_odp"/> key management technology and processes.</p>
+            <link rel="depends-on" href="#sc-12.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-12.2_smt"/>
         </part>
         <part id="sc-12.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68600,22 +68600,22 @@
         </part>
         <part id="sc-12.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-12(03)"/>
-          <link rel="depends-on" href="#sc-12.3_smt"/>
           <part id="sc-12.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-12(03)[01]"/>
-            <link rel="depends-on" href="#sc-12.3_smt"/>
             <p>asymmetric cryptographic keys are produced using <insert type="param" id-ref="sc-12.03_odp"/>;</p>
+            <link rel="depends-on" href="#sc-12.3_smt"/>
           </part>
           <part id="sc-12.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-12(03)[02]"/>
-            <link rel="depends-on" href="#sc-12.3_smt"/>
             <p>asymmetric cryptographic keys are controlled using <insert type="param" id-ref="sc-12.03_odp"/>;</p>
+            <link rel="depends-on" href="#sc-12.3_smt"/>
           </part>
           <part id="sc-12.3_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-12(03)[03]"/>
-            <link rel="depends-on" href="#sc-12.3_smt"/>
             <p>asymmetric cryptographic keys are distributed using <insert type="param" id-ref="sc-12.03_odp"/>.</p>
+            <link rel="depends-on" href="#sc-12.3_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-12.3_smt"/>
         </part>
         <part id="sc-12.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68683,8 +68683,8 @@
         </part>
         <part id="sc-12.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-12(06)"/>
-          <link rel="depends-on" href="#sc-12.6_smt"/>
           <p>physical control of cryptographic keys is maintained when stored information is encrypted by external service providers.</p>
+          <link rel="depends-on" href="#sc-12.6_smt"/>
         </part>
         <part id="sc-12.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68784,17 +68784,17 @@
       </part>
       <part id="sc-13_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-13"/>
-        <link rel="depends-on" href="#sc-13_smt"/>
         <part id="sc-13_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-13a."/>
-          <link rel="depends-on" href="#sc-13_smt.a"/>
           <p><insert type="param" id-ref="sc-13_odp.01"/> are identified;</p>
+          <link rel="depends-on" href="#sc-13_smt.a"/>
         </part>
         <part id="sc-13_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-13b."/>
-          <link rel="depends-on" href="#sc-13_smt.b"/>
           <p><insert type="param" id-ref="sc-13_odp.02"/> for each specified cryptographic use (defined in SC-13_ODP[01]) are implemented.</p>
+          <link rel="depends-on" href="#sc-13_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-13_smt"/>
       </part>
       <part id="sc-13_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68908,17 +68908,17 @@
       </part>
       <part id="sc-15_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-15"/>
-        <link rel="depends-on" href="#sc-15_smt"/>
         <part id="sc-15_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-15a."/>
-          <link rel="depends-on" href="#sc-15_smt.a"/>
           <p>remote activation of collaborative computing devices and applications is prohibited except <insert type="param" id-ref="sc-15_odp"/>;</p>
+          <link rel="depends-on" href="#sc-15_smt.a"/>
         </part>
         <part id="sc-15_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-15b."/>
-          <link rel="depends-on" href="#sc-15_smt.b"/>
           <p>an explicit indication of use is provided to users physically present at the devices.</p>
+          <link rel="depends-on" href="#sc-15_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-15_smt"/>
       </part>
       <part id="sc-15_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -68975,8 +68975,8 @@
         </part>
         <part id="sc-15.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-15(01)"/>
-          <link rel="depends-on" href="#sc-15.1_smt"/>
           <p>the <insert type="param" id-ref="sc-15.01_odp"/> disconnect of collaborative computing devices is/are provided in a manner that supports ease of use.</p>
+          <link rel="depends-on" href="#sc-15.1_smt"/>
         </part>
         <part id="sc-15.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69049,8 +69049,8 @@
         </part>
         <part id="sc-15.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-15(03)"/>
-          <link rel="depends-on" href="#sc-15.3_smt"/>
           <p>collaborative computing devices and applications are disabled or removed from <insert type="param" id-ref="sc-15.03_odp.01"/> in <insert type="param" id-ref="sc-15.03_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-15.3_smt"/>
         </part>
         <part id="sc-15.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69108,8 +69108,8 @@
         </part>
         <part id="sc-15.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-15(04)"/>
-          <link rel="depends-on" href="#sc-15.4_smt"/>
           <p>an explicit indication of current participants in <insert type="param" id-ref="sc-15.04_odp"/> is provided.</p>
+          <link rel="depends-on" href="#sc-15.4_smt"/>
         </part>
         <part id="sc-15.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69181,27 +69181,27 @@
       </part>
       <part id="sc-16_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-16"/>
-        <link rel="depends-on" href="#sc-16_smt"/>
         <part id="sc-16_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-16[01]"/>
-          <link rel="depends-on" href="#sc-16_smt"/>
           <p><insert type="param" id-ref="sc-16_odp.01"/> are associated with information exchanged between systems;</p>
+          <link rel="depends-on" href="#sc-16_smt"/>
         </part>
         <part id="sc-16_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-16[02]"/>
-          <link rel="depends-on" href="#sc-16_smt"/>
           <p><insert type="param" id-ref="sc-16_odp.01"/> are associated with information exchanged between system components;</p>
+          <link rel="depends-on" href="#sc-16_smt"/>
         </part>
         <part id="sc-16_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-16[03]"/>
-          <link rel="depends-on" href="#sc-16_smt"/>
           <p><insert type="param" id-ref="sc-16_odp.02"/> are associated with information exchanged between systems;</p>
+          <link rel="depends-on" href="#sc-16_smt"/>
         </part>
         <part id="sc-16_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-16[04]"/>
-          <link rel="depends-on" href="#sc-16_smt"/>
           <p><insert type="param" id-ref="sc-16_odp.02"/> are associated with information exchanged between system components.</p>
+          <link rel="depends-on" href="#sc-16_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-16_smt"/>
       </part>
       <part id="sc-16_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69251,17 +69251,17 @@
         </part>
         <part id="sc-16.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-16(01)"/>
-          <link rel="depends-on" href="#sc-16.1_smt"/>
           <part id="sc-16.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-16(01)[01]"/>
-            <link rel="depends-on" href="#sc-16.1_smt"/>
             <p>the integrity of transmitted security attributes is verified;</p>
+            <link rel="depends-on" href="#sc-16.1_smt"/>
           </part>
           <part id="sc-16.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-16(01)[02]"/>
-            <link rel="depends-on" href="#sc-16.1_smt"/>
             <p>the integrity of transmitted privacy attributes is verified.</p>
+            <link rel="depends-on" href="#sc-16.1_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-16.1_smt"/>
         </part>
         <part id="sc-16.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69312,8 +69312,8 @@
         </part>
         <part id="sc-16.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-16(02)"/>
-          <link rel="depends-on" href="#sc-16.2_smt"/>
           <p>anti-spoofing mechanisms are implemented to prevent adversaries from falsifying the security attributes indicating the successful application of the security process.</p>
+          <link rel="depends-on" href="#sc-16.2_smt"/>
         </part>
         <part id="sc-16.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69371,8 +69371,8 @@
         </part>
         <part id="sc-16.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-16(03)"/>
-          <link rel="depends-on" href="#sc-16.3_smt"/>
           <p><insert type="param" id-ref="sc-16.03_odp"/> are implemented to bind security and privacy attributes to transmitted information.</p>
+          <link rel="depends-on" href="#sc-16.3_smt"/>
         </part>
         <part id="sc-16.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69443,17 +69443,17 @@
       </part>
       <part id="sc-17_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-17"/>
-        <link rel="depends-on" href="#sc-17_smt"/>
         <part id="sc-17_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-17a."/>
-          <link rel="depends-on" href="#sc-17_smt.a"/>
           <p>public key certificates are issued under <insert type="param" id-ref="sc-17_odp"/> , or public key certificates are obtained from an approved service provider;</p>
+          <link rel="depends-on" href="#sc-17_smt.a"/>
         </part>
         <part id="sc-17_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-17b."/>
-          <link rel="depends-on" href="#sc-17_smt.b"/>
           <p>only approved trust anchors are included in trust stores or certificate stores managed by the organization.</p>
+          <link rel="depends-on" href="#sc-17_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-17_smt"/>
       </part>
       <part id="sc-17_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69512,50 +69512,50 @@
       </part>
       <part id="sc-18_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-18"/>
-        <link rel="depends-on" href="#sc-18_smt"/>
         <part id="sc-18_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-18a."/>
-          <link rel="depends-on" href="#sc-18_smt.a"/>
           <part id="sc-18_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18a.[01]"/>
-            <link rel="depends-on" href="#sc-18_smt.a"/>
             <p>acceptable mobile code is defined;</p>
+            <link rel="depends-on" href="#sc-18_smt.a"/>
           </part>
           <part id="sc-18_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18a.[02]"/>
-            <link rel="depends-on" href="#sc-18_smt.a"/>
             <p>unacceptable mobile code is defined;</p>
+            <link rel="depends-on" href="#sc-18_smt.a"/>
           </part>
           <part id="sc-18_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18a.[03]"/>
-            <link rel="depends-on" href="#sc-18_smt.a"/>
             <p>acceptable mobile code technologies are defined;</p>
+            <link rel="depends-on" href="#sc-18_smt.a"/>
           </part>
           <part id="sc-18_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18a.[04]"/>
-            <link rel="depends-on" href="#sc-18_smt.a"/>
             <p>unacceptable mobile code technologies are defined;</p>
+            <link rel="depends-on" href="#sc-18_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sc-18_smt.a"/>
         </part>
         <part id="sc-18_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-18b."/>
-          <link rel="depends-on" href="#sc-18_smt.b"/>
           <part id="sc-18_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18b.[01]"/>
-            <link rel="depends-on" href="#sc-18_smt.b"/>
             <p>the use of mobile code is authorized within the system;</p>
+            <link rel="depends-on" href="#sc-18_smt.b"/>
           </part>
           <part id="sc-18_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18b.[02]"/>
-            <link rel="depends-on" href="#sc-18_smt.b"/>
             <p>the use of mobile code is monitored within the system;</p>
+            <link rel="depends-on" href="#sc-18_smt.b"/>
           </part>
           <part id="sc-18_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18b.[03]"/>
-            <link rel="depends-on" href="#sc-18_smt.b"/>
             <p>the use of mobile code is controlled within the system.</p>
+            <link rel="depends-on" href="#sc-18_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-18_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-18_smt"/>
       </part>
       <part id="sc-18_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69622,17 +69622,17 @@
         </part>
         <part id="sc-18.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-18(01)"/>
-          <link rel="depends-on" href="#sc-18.1_smt"/>
           <part id="sc-18.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(01)[01]"/>
-            <link rel="depends-on" href="#sc-18.1_smt"/>
             <p><insert type="param" id-ref="sc-18.01_odp.01"/> is identified;</p>
+            <link rel="depends-on" href="#sc-18.1_smt"/>
           </part>
           <part id="sc-18.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(01)[02]"/>
-            <link rel="depends-on" href="#sc-18.1_smt"/>
             <p><insert type="param" id-ref="sc-18.01_odp.02"/> are taken if unacceptable mobile code is identified.</p>
+            <link rel="depends-on" href="#sc-18.1_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-18.1_smt"/>
         </part>
         <part id="sc-18.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69693,22 +69693,22 @@
         </part>
         <part id="sc-18.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-18(02)"/>
-          <link rel="depends-on" href="#sc-18.2_smt"/>
           <part id="sc-18.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(02)[01]"/>
-            <link rel="depends-on" href="#sc-18.2_smt"/>
             <p>the acquisition of mobile code to be deployed in the system meets <insert type="param" id-ref="sc-18.02_odp"/>;</p>
+            <link rel="depends-on" href="#sc-18.2_smt"/>
           </part>
           <part id="sc-18.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(02)[02]"/>
-            <link rel="depends-on" href="#sc-18.2_smt"/>
             <p>the development of mobile code to be deployed in the system meets <insert type="param" id-ref="sc-18.02_odp"/>;</p>
+            <link rel="depends-on" href="#sc-18.2_smt"/>
           </part>
           <part id="sc-18.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(02)[03]"/>
-            <link rel="depends-on" href="#sc-18.2_smt"/>
             <p>the use of mobile code to be deployed in the system meets <insert type="param" id-ref="sc-18.02_odp"/>.</p>
+            <link rel="depends-on" href="#sc-18.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-18.2_smt"/>
         </part>
         <part id="sc-18.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69767,17 +69767,17 @@
         </part>
         <part id="sc-18.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-18(03)"/>
-          <link rel="depends-on" href="#sc-18.3_smt"/>
           <part id="sc-18.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(03)[01]"/>
-            <link rel="depends-on" href="#sc-18.3_smt"/>
             <p>the download of <insert type="param" id-ref="sc-18.03_odp"/> is prevented;</p>
+            <link rel="depends-on" href="#sc-18.3_smt"/>
           </part>
           <part id="sc-18.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(03)[02]"/>
-            <link rel="depends-on" href="#sc-18.3_smt"/>
             <p>the execution of <insert type="param" id-ref="sc-18.03_odp"/> is prevented.</p>
+            <link rel="depends-on" href="#sc-18.3_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-18.3_smt"/>
         </part>
         <part id="sc-18.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69843,17 +69843,17 @@
         </part>
         <part id="sc-18.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-18(04)"/>
-          <link rel="depends-on" href="#sc-18.4_smt"/>
           <part id="sc-18.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(04)[01]"/>
-            <link rel="depends-on" href="#sc-18.4_smt"/>
             <p>the automatic execution of mobile code in <insert type="param" id-ref="sc-18.04_odp.01"/> is prevented;</p>
+            <link rel="depends-on" href="#sc-18.4_smt"/>
           </part>
           <part id="sc-18.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-18(04)[02]"/>
-            <link rel="depends-on" href="#sc-18.4_smt"/>
             <p><insert type="param" id-ref="sc-18.04_odp.02"/> are enforced prior to executing mobile code.</p>
+            <link rel="depends-on" href="#sc-18.4_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-18.4_smt"/>
         </part>
         <part id="sc-18.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69907,8 +69907,8 @@
         </part>
         <part id="sc-18.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-18(05)"/>
-          <link rel="depends-on" href="#sc-18.5_smt"/>
           <p>execution of permitted mobile code is allowed only in confined virtual machine environments.</p>
+          <link rel="depends-on" href="#sc-18.5_smt"/>
         </part>
         <part id="sc-18.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -69985,35 +69985,35 @@
       </part>
       <part id="sc-20_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-20"/>
-        <link rel="depends-on" href="#sc-20_smt"/>
         <part id="sc-20_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-20a."/>
-          <link rel="depends-on" href="#sc-20_smt.a"/>
           <part id="sc-20_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-20a.[01]"/>
-            <link rel="depends-on" href="#sc-20_smt.a"/>
             <p>additional data origin authentication is provided along with the authoritative name resolution data that the system returns in response to external name/address resolution queries;</p>
+            <link rel="depends-on" href="#sc-20_smt.a"/>
           </part>
           <part id="sc-20_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-20a.[02]"/>
-            <link rel="depends-on" href="#sc-20_smt.a"/>
             <p>integrity verification artifacts are provided along with the authoritative name resolution data that the system returns in response to external name/address resolution queries;</p>
+            <link rel="depends-on" href="#sc-20_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sc-20_smt.a"/>
         </part>
         <part id="sc-20_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-20b."/>
-          <link rel="depends-on" href="#sc-20_smt.b"/>
           <part id="sc-20_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-20b.[01]"/>
-            <link rel="depends-on" href="#sc-20_smt.b"/>
             <p>the means to indicate the security status of child zones (and if the child supports secure resolution services) is provided when operating as part of a distributed, hierarchical namespace;</p>
+            <link rel="depends-on" href="#sc-20_smt.b"/>
           </part>
           <part id="sc-20_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-20b.[02]"/>
-            <link rel="depends-on" href="#sc-20_smt.b"/>
             <p>the means to enable verification of a chain of trust among parent and child domains when operating as part of a distributed, hierarchical namespace is provided.</p>
+            <link rel="depends-on" href="#sc-20_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-20_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-20_smt"/>
       </part>
       <part id="sc-20_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70066,17 +70066,17 @@
         </part>
         <part id="sc-20.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-20(02)"/>
-          <link rel="depends-on" href="#sc-20.2_smt"/>
           <part id="sc-20.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-20(02)[01]"/>
-            <link rel="depends-on" href="#sc-20.2_smt"/>
             <p>data origin artifacts are provided for internal name/address resolution queries;</p>
+            <link rel="depends-on" href="#sc-20.2_smt"/>
           </part>
           <part id="sc-20.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-20(02)[02]"/>
-            <link rel="depends-on" href="#sc-20.2_smt"/>
             <p>integrity protection artifacts are provided for internal name/address resolution queries.</p>
+            <link rel="depends-on" href="#sc-20.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-20.2_smt"/>
         </part>
         <part id="sc-20.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70126,27 +70126,27 @@
       </part>
       <part id="sc-21_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-21"/>
-        <link rel="depends-on" href="#sc-21_smt"/>
         <part id="sc-21_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-21[01]"/>
-          <link rel="depends-on" href="#sc-21_smt"/>
           <p>data origin authentication is requested for the name/address resolution responses that the system receives from authoritative sources;</p>
+          <link rel="depends-on" href="#sc-21_smt"/>
         </part>
         <part id="sc-21_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-21[02]"/>
-          <link rel="depends-on" href="#sc-21_smt"/>
           <p>data origin authentication is performed on the name/address resolution responses that the system receives from authoritative sources;</p>
+          <link rel="depends-on" href="#sc-21_smt"/>
         </part>
         <part id="sc-21_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-21[03]"/>
-          <link rel="depends-on" href="#sc-21_smt"/>
           <p>data integrity verification is requested for the name/address resolution responses that the system receives from authoritative sources;</p>
+          <link rel="depends-on" href="#sc-21_smt"/>
         </part>
         <part id="sc-21_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-21[04]"/>
-          <link rel="depends-on" href="#sc-21_smt"/>
           <p>data integrity verification is performed on the name/address resolution responses that the system receives from authoritative sources.</p>
+          <link rel="depends-on" href="#sc-21_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-21_smt"/>
       </part>
       <part id="sc-21_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70205,22 +70205,22 @@
       </part>
       <part id="sc-22_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-22"/>
-        <link rel="depends-on" href="#sc-22_smt"/>
         <part id="sc-22_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-22[01]"/>
-          <link rel="depends-on" href="#sc-22_smt"/>
           <p>the systems that collectively provide name/address resolution services for an organization are fault-tolerant;</p>
+          <link rel="depends-on" href="#sc-22_smt"/>
         </part>
         <part id="sc-22_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-22[02]"/>
-          <link rel="depends-on" href="#sc-22_smt"/>
           <p>the systems that collectively provide name/address resolution services for an organization implement internal role separation;</p>
+          <link rel="depends-on" href="#sc-22_smt"/>
         </part>
         <part id="sc-22_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-22[03]"/>
-          <link rel="depends-on" href="#sc-22_smt"/>
           <p>the systems that collectively provide name/address resolution services for an organization implement external role separation.</p>
+          <link rel="depends-on" href="#sc-22_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-22_smt"/>
       </part>
       <part id="sc-22_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70276,8 +70276,8 @@
       </part>
       <part id="sc-23_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-23"/>
-        <link rel="depends-on" href="#sc-23_smt"/>
         <p>the authenticity of communication sessions is protected.</p>
+        <link rel="depends-on" href="#sc-23_smt"/>
       </part>
       <part id="sc-23_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70322,8 +70322,8 @@
         </part>
         <part id="sc-23.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-23(01)"/>
-          <link rel="depends-on" href="#sc-23.1_smt"/>
           <p>session identifiers are invalidated upon user logout or other session termination.</p>
+          <link rel="depends-on" href="#sc-23.1_smt"/>
         </part>
         <part id="sc-23.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70388,17 +70388,17 @@
         </part>
         <part id="sc-23.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-23(03)"/>
-          <link rel="depends-on" href="#sc-23.3_smt"/>
           <part id="sc-23.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-23(03)[01]"/>
-            <link rel="depends-on" href="#sc-23.3_smt"/>
             <p>a unique session identifier is generated for each session with <insert type="param" id-ref="sc-23.03_odp"/>;</p>
+            <link rel="depends-on" href="#sc-23.3_smt"/>
           </part>
           <part id="sc-23.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-23(03)[02]"/>
-            <link rel="depends-on" href="#sc-23.3_smt"/>
             <p>only system-generated session identifiers are recognized.</p>
+            <link rel="depends-on" href="#sc-23.3_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-23.3_smt"/>
         </part>
         <part id="sc-23.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70464,8 +70464,8 @@
         </part>
         <part id="sc-23.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-23(05)"/>
-          <link rel="depends-on" href="#sc-23.5_smt"/>
           <p>only the use of <insert type="param" id-ref="sc-23.05_odp"/> for verification of the establishment of protected sessions is allowed.</p>
+          <link rel="depends-on" href="#sc-23.5_smt"/>
         </part>
         <part id="sc-23.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70546,8 +70546,8 @@
       </part>
       <part id="sc-24_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-24"/>
-        <link rel="depends-on" href="#sc-24_smt"/>
         <p><insert type="param" id-ref="sc-24_odp.01"/> fail to a <insert type="param" id-ref="sc-24_odp.02"/> while preserving <insert type="param" id-ref="sc-24_odp.03"/> in failure.</p>
+        <link rel="depends-on" href="#sc-24_smt"/>
       </part>
       <part id="sc-24_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70606,17 +70606,17 @@
       </part>
       <part id="sc-25_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-25"/>
-        <link rel="depends-on" href="#sc-25_smt"/>
         <part id="sc-25_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-25[01]"/>
-          <link rel="depends-on" href="#sc-25_smt"/>
           <p>minimal functionality for <insert type="param" id-ref="sc-25_odp"/> is employed;</p>
+          <link rel="depends-on" href="#sc-25_smt"/>
         </part>
         <part id="sc-25_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-25[02]"/>
-          <link rel="depends-on" href="#sc-25_smt"/>
           <p>minimal information storage on <insert type="param" id-ref="sc-25_odp"/> is allocated.</p>
+          <link rel="depends-on" href="#sc-25_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-25_smt"/>
       </part>
       <part id="sc-25_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70668,22 +70668,22 @@
       </part>
       <part id="sc-26_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-26"/>
-        <link rel="depends-on" href="#sc-26_smt"/>
         <part id="sc-26_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-26[01]"/>
-          <link rel="depends-on" href="#sc-26_smt"/>
           <p>components within organizational systems specifically designed to be the target of malicious attacks are included to detect such attacks;</p>
+          <link rel="depends-on" href="#sc-26_smt"/>
         </part>
         <part id="sc-26_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-26[02]"/>
-          <link rel="depends-on" href="#sc-26_smt"/>
           <p>components within organizational systems specifically designed to be the target of malicious attacks are included to deflect such attacks;</p>
+          <link rel="depends-on" href="#sc-26_smt"/>
         </part>
         <part id="sc-26_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-26[03]"/>
-          <link rel="depends-on" href="#sc-26_smt"/>
           <p>components within organizational systems specifically designed to be the target of malicious attacks are included to analyze such attacks.</p>
+          <link rel="depends-on" href="#sc-26_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-26_smt"/>
       </part>
       <part id="sc-26_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70746,8 +70746,8 @@
       </part>
       <part id="sc-27_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-27"/>
-        <link rel="depends-on" href="#sc-27_smt"/>
         <p><insert type="param" id-ref="sc-27_odp"/> are included within organizational systems.</p>
+        <link rel="depends-on" href="#sc-27_smt"/>
       </part>
       <part id="sc-27_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70838,8 +70838,8 @@
       </part>
       <part id="sc-28_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-28"/>
-        <link rel="depends-on" href="#sc-28_smt"/>
         <p>the <insert type="param" id-ref="sc-28_odp.01"/> of <insert type="param" id-ref="sc-28_odp.02"/> is/are protected.</p>
+        <link rel="depends-on" href="#sc-28_smt"/>
       </part>
       <part id="sc-28_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70905,17 +70905,17 @@
         </part>
         <part id="sc-28.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-28(01)"/>
-          <link rel="depends-on" href="#sc-28.1_smt"/>
           <part id="sc-28.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-28(01)[01]"/>
-            <link rel="depends-on" href="#sc-28.1_smt"/>
             <p>cryptographic mechanisms are implemented to prevent unauthorized disclosure of <insert type="param" id-ref="sc-28.01_odp.01"/> at rest on <insert type="param" id-ref="sc-28.01_odp.02"/>;</p>
+            <link rel="depends-on" href="#sc-28.1_smt"/>
           </part>
           <part id="sc-28.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-28(01)[02]"/>
-            <link rel="depends-on" href="#sc-28.1_smt"/>
             <p>cryptographic mechanisms are implemented to prevent unauthorized modification of <insert type="param" id-ref="sc-28.01_odp.01"/> at rest on <insert type="param" id-ref="sc-28.01_odp.02"/>.</p>
+            <link rel="depends-on" href="#sc-28.1_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-28.1_smt"/>
         </part>
         <part id="sc-28.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -70971,17 +70971,17 @@
         </part>
         <part id="sc-28.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-28(02)"/>
-          <link rel="depends-on" href="#sc-28.2_smt"/>
           <part id="sc-28.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-28(02)[01]"/>
-            <link rel="depends-on" href="#sc-28.2_smt"/>
             <p><insert type="param" id-ref="sc-28.02_odp"/> is removed from online storage;</p>
+            <link rel="depends-on" href="#sc-28.2_smt"/>
           </part>
           <part id="sc-28.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-28(02)[02]"/>
-            <link rel="depends-on" href="#sc-28.2_smt"/>
             <p><insert type="param" id-ref="sc-28.02_odp"/> is stored offline in a secure location.</p>
+            <link rel="depends-on" href="#sc-28.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-28.2_smt"/>
         </part>
         <part id="sc-28.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71049,8 +71049,8 @@
         </part>
         <part id="sc-28.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-28(03)"/>
-          <link rel="depends-on" href="#sc-28.3_smt"/>
           <p>protected storage for cryptographic keys is provided using <insert type="param" id-ref="sc-28.03_odp.01"/>.</p>
+          <link rel="depends-on" href="#sc-28.3_smt"/>
         </part>
         <part id="sc-28.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71111,8 +71111,8 @@
       </part>
       <part id="sc-29_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-29"/>
-        <link rel="depends-on" href="#sc-29_smt"/>
         <p>a diverse set of information technologies is employed for <insert type="param" id-ref="sc-29_odp"/> in the implementation of the system.</p>
+        <link rel="depends-on" href="#sc-29_smt"/>
       </part>
       <part id="sc-29_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71168,8 +71168,8 @@
         </part>
         <part id="sc-29.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-29(01)"/>
-          <link rel="depends-on" href="#sc-29.1_smt"/>
           <p>virtualization techniques are employed to support the deployment of a diverse range of operating systems and applications that are changed <insert type="param" id-ref="sc-29.01_odp"/>.</p>
+          <link rel="depends-on" href="#sc-29.1_smt"/>
         </part>
         <part id="sc-29.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71252,8 +71252,8 @@
       </part>
       <part id="sc-30_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-30"/>
-        <link rel="depends-on" href="#sc-30_smt"/>
         <p><insert type="param" id-ref="sc-30_odp.01"/> are employed for <insert type="param" id-ref="sc-30_odp.02"/> for <insert type="param" id-ref="sc-30_odp.03"/> to confuse and mislead adversaries.</p>
+        <link rel="depends-on" href="#sc-30_smt"/>
       </part>
       <part id="sc-30_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71318,8 +71318,8 @@
         </part>
         <part id="sc-30.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-30(02)"/>
-          <link rel="depends-on" href="#sc-30.2_smt"/>
           <p><insert type="param" id-ref="sc-30.02_odp"/> are employed to introduce randomness into organizational operations and assets.</p>
+          <link rel="depends-on" href="#sc-30.2_smt"/>
         </part>
         <part id="sc-30.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71393,8 +71393,8 @@
         </part>
         <part id="sc-30.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-30(03)"/>
-          <link rel="depends-on" href="#sc-30.3_smt"/>
           <p>the location of <insert type="param" id-ref="sc-30.03_odp.01"/> is changed <insert type="param" id-ref="sc-30.03_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-30.3_smt"/>
         </part>
         <part id="sc-30.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71452,8 +71452,8 @@
         </part>
         <part id="sc-30.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-30(04)"/>
-          <link rel="depends-on" href="#sc-30.4_smt"/>
           <p>realistic but misleading information about the security state or posture of <insert type="param" id-ref="sc-30.04_odp"/> is employed.</p>
+          <link rel="depends-on" href="#sc-30.4_smt"/>
         </part>
         <part id="sc-30.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71518,8 +71518,8 @@
         </part>
         <part id="sc-30.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-30(05)"/>
-          <link rel="depends-on" href="#sc-30.5_smt"/>
           <p><insert type="param" id-ref="sc-30.05_odp.01"/> are employed to hide or conceal <insert type="param" id-ref="sc-30.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-30.5_smt"/>
         </part>
         <part id="sc-30.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71588,17 +71588,17 @@
       </part>
       <part id="sc-31_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-31"/>
-        <link rel="depends-on" href="#sc-31_smt"/>
         <part id="sc-31_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-31a."/>
-          <link rel="depends-on" href="#sc-31_smt.a"/>
           <p>a covert channel analysis is performed to identify those aspects of communications within the system that are potential avenues for covert <insert type="param" id-ref="sc-31_odp"/> channels;</p>
+          <link rel="depends-on" href="#sc-31_smt.a"/>
         </part>
         <part id="sc-31_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-31b."/>
-          <link rel="depends-on" href="#sc-31_smt.b"/>
           <p>the maximum bandwidth of those channels is estimated.</p>
+          <link rel="depends-on" href="#sc-31_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-31_smt"/>
       </part>
       <part id="sc-31_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71649,8 +71649,8 @@
         </part>
         <part id="sc-31.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-31(01)"/>
-          <link rel="depends-on" href="#sc-31.1_smt"/>
           <p>a subset of the identified covert channels is tested to determine the channels that are exploitable.</p>
+          <link rel="depends-on" href="#sc-31.1_smt"/>
         </part>
         <part id="sc-31.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71717,8 +71717,8 @@
         </part>
         <part id="sc-31.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-31(02)"/>
-          <link rel="depends-on" href="#sc-31.2_smt"/>
           <p>the maximum bandwidth for identified covert <insert type="param" id-ref="sc-31.02_odp.01"/> channels is reduced to <insert type="param" id-ref="sc-31.02_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-31.2_smt"/>
         </part>
         <part id="sc-31.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71780,8 +71780,8 @@
         </part>
         <part id="sc-31.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-31(03)"/>
-          <link rel="depends-on" href="#sc-31.3_smt"/>
           <p>the bandwidth of <insert type="param" id-ref="sc-31.03_odp"/> is measured in the operational environment of the system.</p>
+          <link rel="depends-on" href="#sc-31.3_smt"/>
         </part>
         <part id="sc-31.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71868,8 +71868,8 @@
       </part>
       <part id="sc-32_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-32"/>
-        <link rel="depends-on" href="#sc-32_smt"/>
         <p>the system is partitioned into <insert type="param" id-ref="sc-32_odp.01"/> residing in separate <insert type="param" id-ref="sc-32_odp.02"/> domains or environments based on <insert type="param" id-ref="sc-32_odp.03"/>.</p>
+        <link rel="depends-on" href="#sc-32_smt"/>
       </part>
       <part id="sc-32_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -71921,8 +71921,8 @@
         </part>
         <part id="sc-32.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-32(01)"/>
-          <link rel="depends-on" href="#sc-32.1_smt"/>
           <p>privileged functions are partitioned into separate physical domains.</p>
+          <link rel="depends-on" href="#sc-32.1_smt"/>
         </part>
         <part id="sc-32.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72009,17 +72009,17 @@
       </part>
       <part id="sc-34_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-34"/>
-        <link rel="depends-on" href="#sc-34_smt"/>
         <part id="sc-34_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-34a."/>
-          <link rel="depends-on" href="#sc-34_smt.a"/>
           <p>the operating environment for <insert type="param" id-ref="sc-34_odp.01"/> is loaded and executed from hardware-enforced, read-only media;</p>
+          <link rel="depends-on" href="#sc-34_smt.a"/>
         </part>
         <part id="sc-34_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-34b."/>
-          <link rel="depends-on" href="#sc-34_smt.b"/>
           <p><insert type="param" id-ref="sc-34_odp.02"/> for <insert type="param" id-ref="sc-34_odp.01"/> are loaded and executed from hardware-enforced, read-only media.</p>
+          <link rel="depends-on" href="#sc-34_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-34_smt"/>
       </part>
       <part id="sc-34_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72084,8 +72084,8 @@
         </part>
         <part id="sc-34.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-34(01)"/>
-          <link rel="depends-on" href="#sc-34.1_smt"/>
           <p><insert type="param" id-ref="sc-34.01_odp"/> are employed with no writeable storage that is persistent across component restart or power on/off.</p>
+          <link rel="depends-on" href="#sc-34.1_smt"/>
         </part>
         <part id="sc-34.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72145,17 +72145,17 @@
         </part>
         <part id="sc-34.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-34(02)"/>
-          <link rel="depends-on" href="#sc-34.2_smt"/>
           <part id="sc-34.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-34(02)[01]"/>
-            <link rel="depends-on" href="#sc-34.2_smt"/>
             <p>the integrity of information is protected prior to storage on read-only media;</p>
+            <link rel="depends-on" href="#sc-34.2_smt"/>
           </part>
           <part id="sc-34.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-34(02)[02]"/>
-            <link rel="depends-on" href="#sc-34.2_smt"/>
             <p>the media is controlled after such information has been recorded onto the media;</p>
+            <link rel="depends-on" href="#sc-34.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sc-34.2_smt"/>
         </part>
         <part id="sc-34.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72217,8 +72217,8 @@
       </part>
       <part id="sc-35_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-35"/>
-        <link rel="depends-on" href="#sc-35_smt"/>
         <p>system components that proactively seek to identify network-based malicious code or malicious websites are included.</p>
+        <link rel="depends-on" href="#sc-35_smt"/>
       </part>
       <part id="sc-35_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72313,17 +72313,17 @@
       </part>
       <part id="sc-36_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-36"/>
-        <link rel="depends-on" href="#sc-36_smt"/>
         <part id="sc-36_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-36[01]"/>
-          <link rel="depends-on" href="#sc-36_smt"/>
           <p><insert type="param" id-ref="sc-36_odp.01"/> are distributed across <insert type="param" id-ref="sc-36_odp.02"/>;</p>
+          <link rel="depends-on" href="#sc-36_smt"/>
         </part>
         <part id="sc-36_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-36[02]"/>
-          <link rel="depends-on" href="#sc-36_smt"/>
           <p><insert type="param" id-ref="sc-36_odp.03"/> are distributed across <insert type="param" id-ref="sc-36_odp.04"/>.</p>
+          <link rel="depends-on" href="#sc-36_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-36_smt"/>
       </part>
       <part id="sc-36_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72402,17 +72402,17 @@
         </part>
         <part id="sc-36.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-36(01)"/>
-          <link rel="depends-on" href="#sc-36.1_smt"/>
           <part id="sc-36.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-36(01)(a)"/>
-            <link rel="depends-on" href="#sc-36.1_smt.a"/>
             <p>polling techniques are employed to identify potential faults, errors, or compromises to <insert type="param" id-ref="sc-36.01_odp.01"/>;</p>
+            <link rel="depends-on" href="#sc-36.1_smt.a"/>
           </part>
           <part id="sc-36.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-36(01)(b)"/>
-            <link rel="depends-on" href="#sc-36.1_smt.b"/>
             <p><insert type="param" id-ref="sc-36.01_odp.02"/> are taken in response to identified faults, errors, or compromise.</p>
+            <link rel="depends-on" href="#sc-36.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-36.1_smt"/>
         </part>
         <part id="sc-36.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72472,8 +72472,8 @@
         </part>
         <part id="sc-36.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-36(02)"/>
-          <link rel="depends-on" href="#sc-36.2_smt"/>
           <p><insert type="param" id-ref="sc-36.02_odp"/> are synchronized.</p>
+          <link rel="depends-on" href="#sc-36.2_smt"/>
         </part>
         <part id="sc-36.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72563,8 +72563,8 @@
       </part>
       <part id="sc-37_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-37"/>
-        <link rel="depends-on" href="#sc-37_smt"/>
         <p><insert type="param" id-ref="sc-37_odp.01"/> are employed for the physical delivery or electronic transmission of <insert type="param" id-ref="sc-37_odp.02"/> to <insert type="param" id-ref="sc-37_odp.03"/>.</p>
+        <link rel="depends-on" href="#sc-37_smt"/>
       </part>
       <part id="sc-37_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72645,8 +72645,8 @@
         </part>
         <part id="sc-37.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-37(01)"/>
-          <link rel="depends-on" href="#sc-37.1_smt"/>
           <p><insert type="param" id-ref="sc-37.01_odp.01"/> are employed to ensure that only <insert type="param" id-ref="sc-37.01_odp.02"/> receive <insert type="param" id-ref="sc-37.01_odp.03"/>.</p>
+          <link rel="depends-on" href="#sc-37.1_smt"/>
         </part>
         <part id="sc-37.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72723,8 +72723,8 @@
       </part>
       <part id="sc-38_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-38"/>
-        <link rel="depends-on" href="#sc-38_smt"/>
         <p><insert type="param" id-ref="sc-38_odp"/> are employed to protect key organizational information throughout the system development life cycle.</p>
+        <link rel="depends-on" href="#sc-38_smt"/>
       </part>
       <part id="sc-38_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72786,8 +72786,8 @@
       </part>
       <part id="sc-39_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-39"/>
-        <link rel="depends-on" href="#sc-39_smt"/>
         <p>a separate execution domain is maintained for each executing system process.</p>
+        <link rel="depends-on" href="#sc-39_smt"/>
       </part>
       <part id="sc-39_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72831,8 +72831,8 @@
         </part>
         <part id="sc-39.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-39(01)"/>
-          <link rel="depends-on" href="#sc-39.1_smt"/>
           <p>hardware separation is implemented to facilitate process isolation.</p>
+          <link rel="depends-on" href="#sc-39.1_smt"/>
         </part>
         <part id="sc-39.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72891,8 +72891,8 @@
         </part>
         <part id="sc-39.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-39(02)"/>
-          <link rel="depends-on" href="#sc-39.2_smt"/>
           <p>a separate execution domain is maintained for each thread in <insert type="param" id-ref="sc-39.02_odp"/>.</p>
+          <link rel="depends-on" href="#sc-39.2_smt"/>
         </part>
         <part id="sc-39.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -72984,17 +72984,17 @@
       </part>
       <part id="sc-40_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-40"/>
-        <link rel="depends-on" href="#sc-40_smt"/>
         <part id="sc-40_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-40[01]"/>
-          <link rel="depends-on" href="#sc-40_smt"/>
           <p>external <insert type="param" id-ref="sc-40_odp.01"/> are protected from <insert type="param" id-ref="sc-40_odp.02"/>.</p>
+          <link rel="depends-on" href="#sc-40_smt"/>
         </part>
         <part id="sc-40_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-40[02]"/>
-          <link rel="depends-on" href="#sc-40_smt"/>
           <p>internal <insert type="param" id-ref="sc-40_odp.03"/> are protected from <insert type="param" id-ref="sc-40_odp.04"/>.</p>
+          <link rel="depends-on" href="#sc-40_smt"/>
         </part>
+        <link rel="depends-on" href="#sc-40_smt"/>
       </part>
       <part id="sc-40_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73058,8 +73058,8 @@
         </part>
         <part id="sc-40.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-40(01)"/>
-          <link rel="depends-on" href="#sc-40.1_smt"/>
           <p>cryptographic mechanisms that achieve <insert type="param" id-ref="sc-40.01_odp"/> against the effects of intentional electromagnetic interference are implemented.</p>
+          <link rel="depends-on" href="#sc-40.1_smt"/>
         </part>
         <part id="sc-40.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73123,8 +73123,8 @@
         </part>
         <part id="sc-40.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-40(02)"/>
-          <link rel="depends-on" href="#sc-40.2_smt"/>
           <p>cryptographic mechanisms to reduce the detection potential of wireless links to <insert type="param" id-ref="sc-40.02_odp"/> are implemented.</p>
+          <link rel="depends-on" href="#sc-40.2_smt"/>
         </part>
         <part id="sc-40.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73181,8 +73181,8 @@
         </part>
         <part id="sc-40.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-40(03)"/>
-          <link rel="depends-on" href="#sc-40.3_smt"/>
           <p>cryptographic mechanisms are implemented to identify and reject wireless transmissions that are deliberate attempts to achieve imitative or manipulative communications deception based on signal parameters.</p>
+          <link rel="depends-on" href="#sc-40.3_smt"/>
         </part>
         <part id="sc-40.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73244,8 +73244,8 @@
         </part>
         <part id="sc-40.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-40(04)"/>
-          <link rel="depends-on" href="#sc-40.4_smt"/>
           <p>cryptographic mechanisms are implemented to prevent the identification of <insert type="param" id-ref="sc-40.04_odp"/> by using the transmitter signal parameters.</p>
+          <link rel="depends-on" href="#sc-40.4_smt"/>
         </part>
         <part id="sc-40.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73324,8 +73324,8 @@
       </part>
       <part id="sc-41_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-41"/>
-        <link rel="depends-on" href="#sc-41_smt"/>
         <p><insert type="param" id-ref="sc-41_odp.01"/> are <insert type="param" id-ref="sc-41_odp.02"/> disabled or removed on <insert type="param" id-ref="sc-41_odp.03"/>.</p>
+        <link rel="depends-on" href="#sc-41_smt"/>
       </part>
       <part id="sc-41_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73424,17 +73424,17 @@
       </part>
       <part id="sc-42_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-42"/>
-        <link rel="depends-on" href="#sc-42_smt"/>
         <part id="sc-42_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-42a."/>
-          <link rel="depends-on" href="#sc-42_smt.a"/>
           <p><insert type="param" id-ref="sc-42_odp.01"/> is/are prohibited;</p>
+          <link rel="depends-on" href="#sc-42_smt.a"/>
         </part>
         <part id="sc-42_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-42b."/>
-          <link rel="depends-on" href="#sc-42_smt.b"/>
           <p>an explicit indication of sensor use is provided to <insert type="param" id-ref="sc-42_odp.05"/>.</p>
+          <link rel="depends-on" href="#sc-42_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-42_smt"/>
       </part>
       <part id="sc-42_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73494,8 +73494,8 @@
         </part>
         <part id="sc-42.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-42(01)"/>
-          <link rel="depends-on" href="#sc-42.1_smt"/>
           <p>the system is configured so that data or information collected by the <insert type="param" id-ref="sc-42.01_odp"/> is only reported to authorized individuals or roles.</p>
+          <link rel="depends-on" href="#sc-42.1_smt"/>
         </part>
         <part id="sc-42.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73559,8 +73559,8 @@
         </part>
         <part id="sc-42.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-42(02)"/>
-          <link rel="depends-on" href="#sc-42.2_smt"/>
           <p><insert type="param" id-ref="sc-42.02_odp"/> are employed so that data or information collected by <insert type="param" id-ref="sc-42.01_odp"/> is only used for authorized purposes.</p>
+          <link rel="depends-on" href="#sc-42.2_smt"/>
         </part>
         <part id="sc-42.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73641,8 +73641,8 @@
         </part>
         <part id="sc-42.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-42(04)"/>
-          <link rel="depends-on" href="#sc-42.4_smt"/>
           <p><insert type="param" id-ref="sc-42.04_odp.01"/> are employed to facilitate an individual’s awareness that personally identifiable information is being collected by <insert type="param" id-ref="sc-42.04_odp.02"/> </p>
+          <link rel="depends-on" href="#sc-42.4_smt"/>
         </part>
         <part id="sc-42.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73709,8 +73709,8 @@
         </part>
         <part id="sc-42.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-42(05)"/>
-          <link rel="depends-on" href="#sc-42.5_smt"/>
           <p>the <insert type="param" id-ref="sc-42.05_odp"/> configured to minimize the collection of information about individuals that is not needed are employed.</p>
+          <link rel="depends-on" href="#sc-42.5_smt"/>
         </part>
         <part id="sc-42.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73791,31 +73791,31 @@
       </part>
       <part id="sc-43_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-43"/>
-        <link rel="depends-on" href="#sc-43_smt"/>
         <part id="sc-43_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-43a."/>
-          <link rel="depends-on" href="#sc-43_smt.a"/>
           <p>usage restrictions and implementation guidelines are established for <insert type="param" id-ref="sc-43_odp"/>;</p>
+          <link rel="depends-on" href="#sc-43_smt.a"/>
         </part>
         <part id="sc-43_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-43b."/>
-          <link rel="depends-on" href="#sc-43_smt.b"/>
           <part id="sc-43_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-43b.[01]"/>
-            <link rel="depends-on" href="#sc-43_smt.b"/>
             <p>the use of <insert type="param" id-ref="sc-43_odp"/> is authorized within the system;</p>
+            <link rel="depends-on" href="#sc-43_smt.b"/>
           </part>
           <part id="sc-43_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-43b.[02]"/>
-            <link rel="depends-on" href="#sc-43_smt.b"/>
             <p>the use of <insert type="param" id-ref="sc-43_odp"/> is monitored within the system;</p>
+            <link rel="depends-on" href="#sc-43_smt.b"/>
           </part>
           <part id="sc-43_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-43b.[03]"/>
-            <link rel="depends-on" href="#sc-43_smt.b"/>
             <p>the use of <insert type="param" id-ref="sc-43_odp"/> is controlled within the system.</p>
+            <link rel="depends-on" href="#sc-43_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-43_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-43_smt"/>
       </part>
       <part id="sc-43_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73882,8 +73882,8 @@
       </part>
       <part id="sc-44_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-44"/>
-        <link rel="depends-on" href="#sc-44_smt"/>
         <p>a detonation chamber capability is employed within the <insert type="param" id-ref="sc-44_odp"/>.</p>
+        <link rel="depends-on" href="#sc-44_smt"/>
       </part>
       <part id="sc-44_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -73934,8 +73934,8 @@
       </part>
       <part id="sc-45_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-45"/>
-        <link rel="depends-on" href="#sc-45_smt"/>
         <p>system clocks are synchronized within and between systems and system components.</p>
+        <link rel="depends-on" href="#sc-45_smt"/>
       </part>
       <part id="sc-45_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74012,17 +74012,17 @@
         </part>
         <part id="sc-45.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-45(01)"/>
-          <link rel="depends-on" href="#sc-45.1_smt"/>
           <part id="sc-45.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-45(01)(a)"/>
-            <link rel="depends-on" href="#sc-45.1_smt.a"/>
             <p>the internal system clocks are compared <insert type="param" id-ref="sc-45.01_odp.01"/> with <insert type="param" id-ref="sc-45.01_odp.02"/>;</p>
+            <link rel="depends-on" href="#sc-45.1_smt.a"/>
           </part>
           <part id="sc-45.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-45(01)(b)"/>
-            <link rel="depends-on" href="#sc-45.1_smt.b"/>
             <p>the internal system clocks are synchronized with the authoritative time source when the time difference is greater than <insert type="param" id-ref="sc-45.01_odp.03"/>.</p>
+            <link rel="depends-on" href="#sc-45.1_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-45.1_smt"/>
         </part>
         <part id="sc-45.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74076,17 +74076,17 @@
         </part>
         <part id="sc-45.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-45(02)"/>
-          <link rel="depends-on" href="#sc-45.2_smt"/>
           <part id="sc-45.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-45(02)(a)"/>
-            <link rel="depends-on" href="#sc-45.2_smt.a"/>
             <p>a secondary authoritative time source is identified that is in a different geographic region than the primary authoritative time source;</p>
+            <link rel="depends-on" href="#sc-45.2_smt.a"/>
           </part>
           <part id="sc-45.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-45(02)(b)"/>
-            <link rel="depends-on" href="#sc-45.2_smt.b"/>
             <p>the internal system clocks are synchronized to the secondary authoritative time source if the primary authoritative time source is unavailable.</p>
+            <link rel="depends-on" href="#sc-45.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-45.2_smt"/>
         </part>
         <part id="sc-45.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74144,8 +74144,8 @@
       </part>
       <part id="sc-46_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-46"/>
-        <link rel="depends-on" href="#sc-46_smt"/>
         <p>a policy enforcement mechanism is <insert type="param" id-ref="sc-46_odp"/> implemented between the physical and/or network interfaces for the connecting security domains.</p>
+        <link rel="depends-on" href="#sc-46_smt"/>
       </part>
       <part id="sc-46_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74206,8 +74206,8 @@
       </part>
       <part id="sc-47_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-47"/>
-        <link rel="depends-on" href="#sc-47_smt"/>
         <p><insert type="param" id-ref="sc-47_odp"/> are established for system operations and operational command and control.</p>
+        <link rel="depends-on" href="#sc-47_smt"/>
       </part>
       <part id="sc-47_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74282,8 +74282,8 @@
       </part>
       <part id="sc-48_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-48"/>
-        <link rel="depends-on" href="#sc-48_smt"/>
         <p><insert type="param" id-ref="sc-48_odp.01"/> are relocated to <insert type="param" id-ref="sc-48_odp.02"/> under <insert type="param" id-ref="sc-48_odp.03"/>.</p>
+        <link rel="depends-on" href="#sc-48_smt"/>
       </part>
       <part id="sc-48_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74357,8 +74357,8 @@
         </part>
         <part id="sc-48.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-48(01)"/>
-          <link rel="depends-on" href="#sc-48.1_smt"/>
           <p><insert type="param" id-ref="sc-48.01_odp.01"/> are dynamically relocated to <insert type="param" id-ref="sc-48.01_odp.02"/> under <insert type="param" id-ref="sc-48.01_odp.03"/>.</p>
+          <link rel="depends-on" href="#sc-48.1_smt"/>
         </part>
         <part id="sc-48.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74422,8 +74422,8 @@
       </part>
       <part id="sc-49_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-49"/>
-        <link rel="depends-on" href="#sc-49_smt"/>
         <p>hardware-enforced separation and policy enforcement mechanisms are implemented between <insert type="param" id-ref="sc-49_odp"/>.</p>
+        <link rel="depends-on" href="#sc-49_smt"/>
       </part>
       <part id="sc-49_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74486,8 +74486,8 @@
       </part>
       <part id="sc-50_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-50"/>
-        <link rel="depends-on" href="#sc-50_smt"/>
         <p>software-enforced separation and policy enforcement mechanisms are implemented between <insert type="param" id-ref="sc-50_odp"/>.</p>
+        <link rel="depends-on" href="#sc-50_smt"/>
       </part>
       <part id="sc-50_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74558,26 +74558,26 @@
       </part>
       <part id="sc-51_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SC-51"/>
-        <link rel="depends-on" href="#sc-51_smt"/>
         <part id="sc-51_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-51a."/>
-          <link rel="depends-on" href="#sc-51_smt.a"/>
           <p>hardware-based write-protect for <insert type="param" id-ref="sc-51_odp.01"/> is employed;</p>
+          <link rel="depends-on" href="#sc-51_smt.a"/>
         </part>
         <part id="sc-51_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SC-51b."/>
-          <link rel="depends-on" href="#sc-51_smt.b"/>
           <part id="sc-51_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-51b.[01]"/>
-            <link rel="depends-on" href="#sc-51_smt.b"/>
             <p>specific procedures are implemented for <insert type="param" id-ref="sc-51_odp.02"/> to manually disable hardware write-protect for firmware modifications;</p>
+            <link rel="depends-on" href="#sc-51_smt.b"/>
           </part>
           <part id="sc-51_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SC-51b.[02]"/>
-            <link rel="depends-on" href="#sc-51_smt.b"/>
             <p>specific procedures are implemented for <insert type="param" id-ref="sc-51_odp.02"/> to re-enable the write-protect prior to returning to operational mode.</p>
+            <link rel="depends-on" href="#sc-51_smt.b"/>
           </part>
+          <link rel="depends-on" href="#sc-51_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sc-51_smt"/>
       </part>
       <part id="sc-51_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74740,116 +74740,116 @@
       </part>
       <part id="si-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-01"/>
-        <link rel="depends-on" href="#si-1_smt"/>
         <part id="si-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-01a."/>
-          <link rel="depends-on" href="#si-1_smt.a"/>
           <part id="si-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-01a.[01]"/>
-            <link rel="depends-on" href="#si-1_smt.a"/>
             <p>a system and information integrity policy is developed and documented;</p>
+            <link rel="depends-on" href="#si-1_smt.a"/>
           </part>
           <part id="si-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-01a.[02]"/>
-            <link rel="depends-on" href="#si-1_smt.a"/>
             <p>the system and information integrity policy is disseminated to <insert type="param" id-ref="si-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#si-1_smt.a"/>
           </part>
           <part id="si-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-01a.[03]"/>
-            <link rel="depends-on" href="#si-1_smt.a"/>
             <p>system and information integrity procedures to facilitate the implementation of the system and information integrity policy and associated system and information integrity controls are developed and documented;</p>
+            <link rel="depends-on" href="#si-1_smt.a"/>
           </part>
           <part id="si-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-01a.[04]"/>
-            <link rel="depends-on" href="#si-1_smt.a"/>
             <p>the system and information integrity procedures are disseminated to <insert type="param" id-ref="si-01_odp.02"/>;</p>
+            <link rel="depends-on" href="#si-1_smt.a"/>
           </part>
           <part id="si-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-01a.01"/>
-            <link rel="depends-on" href="#si-1_smt.a.1"/>
             <part id="si-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-01a.01(a)"/>
-              <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               <part id="si-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SI-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy addresses purpose;</p>
+                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               </part>
               <part id="si-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SI-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy addresses scope;</p>
+                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               </part>
               <part id="si-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SI-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy addresses roles;</p>
+                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               </part>
               <part id="si-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SI-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               </part>
               <part id="si-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SI-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy addresses management commitment;</p>
+                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               </part>
               <part id="si-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SI-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               </part>
               <part id="si-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SI-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy addresses compliance;</p>
+                <link rel="depends-on" href="#si-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#si-1_smt.a.1.a"/>
             </part>
             <part id="si-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-01a.01(b)"/>
-              <link rel="depends-on" href="#si-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="si-01_odp.03"/> system and information integrity policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#si-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#si-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#si-1_smt.a"/>
         </part>
         <part id="si-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-01b."/>
-          <link rel="depends-on" href="#si-1_smt.b"/>
           <p>the <insert type="param" id-ref="si-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the system and information integrity policy and procedures;</p>
+          <link rel="depends-on" href="#si-1_smt.b"/>
         </part>
         <part id="si-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-01c."/>
-          <link rel="depends-on" href="#si-1_smt.c"/>
           <part id="si-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-01c.01"/>
-            <link rel="depends-on" href="#si-1_smt.c.1"/>
             <part id="si-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-01c.01[01]"/>
-              <link rel="depends-on" href="#si-1_smt.c.1"/>
               <p>the current system and information integrity policy is reviewed and updated <insert type="param" id-ref="si-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#si-1_smt.c.1"/>
             </part>
             <part id="si-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-01c.01[02]"/>
-              <link rel="depends-on" href="#si-1_smt.c.1"/>
               <p>the current system and information integrity policy is reviewed and updated following <insert type="param" id-ref="si-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#si-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#si-1_smt.c.1"/>
           </part>
           <part id="si-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-01c.02"/>
-            <link rel="depends-on" href="#si-1_smt.c.2"/>
             <part id="si-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-01c.02[01]"/>
-              <link rel="depends-on" href="#si-1_smt.c.2"/>
               <p>the current system and information integrity procedures are reviewed and updated <insert type="param" id-ref="si-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#si-1_smt.c.2"/>
             </part>
             <part id="si-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-01c.02[02]"/>
-              <link rel="depends-on" href="#si-1_smt.c.2"/>
               <p>the current system and information integrity procedures are reviewed and updated following <insert type="param" id-ref="si-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#si-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#si-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#si-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#si-1_smt"/>
       </part>
       <part id="si-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -74931,69 +74931,69 @@
       </part>
       <part id="si-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-02"/>
-        <link rel="depends-on" href="#si-2_smt"/>
         <part id="si-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02a."/>
-          <link rel="depends-on" href="#si-2_smt.a"/>
           <part id="si-2_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02a.[01]"/>
-            <link rel="depends-on" href="#si-2_smt.a"/>
             <p>system flaws are identified;</p>
+            <link rel="depends-on" href="#si-2_smt.a"/>
           </part>
           <part id="si-2_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02a.[02]"/>
-            <link rel="depends-on" href="#si-2_smt.a"/>
             <p>system flaws are reported;</p>
+            <link rel="depends-on" href="#si-2_smt.a"/>
           </part>
           <part id="si-2_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02a.[03]"/>
-            <link rel="depends-on" href="#si-2_smt.a"/>
             <p>system flaws are corrected;</p>
+            <link rel="depends-on" href="#si-2_smt.a"/>
           </part>
+          <link rel="depends-on" href="#si-2_smt.a"/>
         </part>
         <part id="si-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02b."/>
-          <link rel="depends-on" href="#si-2_smt.b"/>
           <part id="si-2_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02b.[01]"/>
-            <link rel="depends-on" href="#si-2_smt.b"/>
             <p>software updates related to flaw remediation are tested for effectiveness before installation;</p>
+            <link rel="depends-on" href="#si-2_smt.b"/>
           </part>
           <part id="si-2_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02b.[02]"/>
-            <link rel="depends-on" href="#si-2_smt.b"/>
             <p>software updates related to flaw remediation are tested for potential side effects before installation;</p>
+            <link rel="depends-on" href="#si-2_smt.b"/>
           </part>
           <part id="si-2_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02b.[03]"/>
-            <link rel="depends-on" href="#si-2_smt.b"/>
             <p>firmware updates related to flaw remediation are tested for effectiveness before installation;</p>
+            <link rel="depends-on" href="#si-2_smt.b"/>
           </part>
           <part id="si-2_obj.b-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02b.[04]"/>
-            <link rel="depends-on" href="#si-2_smt.b"/>
             <p>firmware updates related to flaw remediation are tested for potential side effects before installation;</p>
+            <link rel="depends-on" href="#si-2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-2_smt.b"/>
         </part>
         <part id="si-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02c."/>
-          <link rel="depends-on" href="#si-2_smt.c"/>
           <part id="si-2_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02c.[01]"/>
-            <link rel="depends-on" href="#si-2_smt.c"/>
             <p>security-relevant software updates are installed within <insert type="param" id-ref="si-02_odp"/> of the release of the updates;</p>
+            <link rel="depends-on" href="#si-2_smt.c"/>
           </part>
           <part id="si-2_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02c.[02]"/>
-            <link rel="depends-on" href="#si-2_smt.c"/>
             <p>security-relevant firmware updates are installed within <insert type="param" id-ref="si-02_odp"/> of the release of the updates;</p>
+            <link rel="depends-on" href="#si-2_smt.c"/>
           </part>
+          <link rel="depends-on" href="#si-2_smt.c"/>
         </part>
         <part id="si-2_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02d."/>
-          <link rel="depends-on" href="#si-2_smt.d"/>
           <p>flaw remediation is incorporated into the organizational configuration management process.</p>
+          <link rel="depends-on" href="#si-2_smt.d"/>
         </part>
+        <link rel="depends-on" href="#si-2_smt"/>
       </part>
       <part id="si-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75074,8 +75074,8 @@
         </part>
         <part id="si-2.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02(02)"/>
-          <link rel="depends-on" href="#si-2.2_smt"/>
           <p>system components have applicable security-relevant software and firmware updates installed <insert type="param" id-ref="si-02.02_odp.02"/> using <insert type="param" id-ref="si-02.02_odp.01"/>.</p>
+          <link rel="depends-on" href="#si-2.2_smt"/>
         </part>
         <part id="si-2.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75140,17 +75140,17 @@
         </part>
         <part id="si-2.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02(03)"/>
-          <link rel="depends-on" href="#si-2.3_smt"/>
           <part id="si-2.3_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02(03)(a)"/>
-            <link rel="depends-on" href="#si-2.3_smt.a"/>
             <p>the time between flaw identification and flaw remediation is measured;</p>
+            <link rel="depends-on" href="#si-2.3_smt.a"/>
           </part>
           <part id="si-2.3_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-02(03)(b)"/>
-            <link rel="depends-on" href="#si-2.3_smt.b"/>
             <p><insert type="param" id-ref="si-02.03_odp"/> for taking corrective actions have been established.</p>
+            <link rel="depends-on" href="#si-2.3_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-2.3_smt"/>
         </part>
         <part id="si-2.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75211,8 +75211,8 @@
         </part>
         <part id="si-2.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02(04)"/>
-          <link rel="depends-on" href="#si-2.4_smt"/>
           <p>automated patch management tools are employed to facilitate flaw remediation to <insert type="param" id-ref="si-02.04_odp"/>.</p>
+          <link rel="depends-on" href="#si-2.4_smt"/>
         </part>
         <part id="si-2.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75283,8 +75283,8 @@
         </part>
         <part id="si-2.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02(05)"/>
-          <link rel="depends-on" href="#si-2.5_smt"/>
           <p><insert type="param" id-ref="si-02.05_odp.01"/> are installed automatically to <insert type="param" id-ref="si-02.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-2.5_smt"/>
         </part>
         <part id="si-2.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75344,8 +75344,8 @@
         </part>
         <part id="si-2.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-02(06)"/>
-          <link rel="depends-on" href="#si-2.6_smt"/>
           <p>previous versions of <insert type="param" id-ref="si-02.06_odp"/> are removed after updated versions have been installed.</p>
+          <link rel="depends-on" href="#si-2.6_smt"/>
         </part>
         <part id="si-2.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75493,63 +75493,63 @@
       </part>
       <part id="si-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-03"/>
-        <link rel="depends-on" href="#si-3_smt"/>
         <part id="si-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03a."/>
-          <link rel="depends-on" href="#si-3_smt.a"/>
           <part id="si-3_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03a.[01]"/>
-            <link rel="depends-on" href="#si-3_smt.a"/>
             <p><insert type="param" id-ref="si-03_odp.01"/> malicious code protection mechanisms are implemented at system entry and exit points to detect malicious code;</p>
+            <link rel="depends-on" href="#si-3_smt.a"/>
           </part>
           <part id="si-3_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03a.[02]"/>
-            <link rel="depends-on" href="#si-3_smt.a"/>
             <p><insert type="param" id-ref="si-03_odp.01"/> malicious code protection mechanisms are implemented at system entry and exit points to eradicate malicious code;</p>
+            <link rel="depends-on" href="#si-3_smt.a"/>
           </part>
+          <link rel="depends-on" href="#si-3_smt.a"/>
         </part>
         <part id="si-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03b."/>
-          <link rel="depends-on" href="#si-3_smt.b"/>
           <p>malicious code protection mechanisms are updated automatically as new releases are available in accordance with organizational configuration management policy and procedures;</p>
+          <link rel="depends-on" href="#si-3_smt.b"/>
         </part>
         <part id="si-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03c."/>
-          <link rel="depends-on" href="#si-3_smt.c"/>
           <part id="si-3_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03c.01"/>
-            <link rel="depends-on" href="#si-3_smt.c.1"/>
             <part id="si-3_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03c.01[01]"/>
-              <link rel="depends-on" href="#si-3_smt.c.1"/>
               <p>malicious code protection mechanisms are configured to perform periodic scans of the system <insert type="param" id-ref="si-03_odp.02"/>;</p>
+              <link rel="depends-on" href="#si-3_smt.c.1"/>
             </part>
             <part id="si-3_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03c.01[02]"/>
-              <link rel="depends-on" href="#si-3_smt.c.1"/>
               <p>malicious code protection mechanisms are configured to perform real-time scans of files from external sources at <insert type="param" id-ref="si-03_odp.03"/> as the files are downloaded, opened, or executed in accordance with organizational policy;</p>
+              <link rel="depends-on" href="#si-3_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#si-3_smt.c.1"/>
           </part>
           <part id="si-3_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03c.02"/>
-            <link rel="depends-on" href="#si-3_smt.c.2"/>
             <part id="si-3_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03c.02[01]"/>
-              <link rel="depends-on" href="#si-3_smt.c.2"/>
               <p>malicious code protection mechanisms are configured to <insert type="param" id-ref="si-03_odp.04"/> in response to malicious code detection;</p>
+              <link rel="depends-on" href="#si-3_smt.c.2"/>
             </part>
             <part id="si-3_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03c.02[02]"/>
-              <link rel="depends-on" href="#si-3_smt.c.2"/>
               <p>malicious code protection mechanisms are configured to send alerts to <insert type="param" id-ref="si-03_odp.06"/> in response to malicious code detection;</p>
+              <link rel="depends-on" href="#si-3_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#si-3_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#si-3_smt.c"/>
         </part>
         <part id="si-3_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03d."/>
-          <link rel="depends-on" href="#si-3_smt.d"/>
           <p>the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the system are addressed.</p>
+          <link rel="depends-on" href="#si-3_smt.d"/>
         </part>
+        <link rel="depends-on" href="#si-3_smt"/>
       </part>
       <part id="si-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75632,8 +75632,8 @@
         </part>
         <part id="si-3.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03(04)"/>
-          <link rel="depends-on" href="#si-3.4_smt"/>
           <p>malicious code protection mechanisms are updated only when directed by a privileged user.</p>
+          <link rel="depends-on" href="#si-3.4_smt"/>
         </part>
         <part id="si-3.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75712,26 +75712,26 @@
         </part>
         <part id="si-3.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03(06)"/>
-          <link rel="depends-on" href="#si-3.6_smt"/>
           <part id="si-3.6_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03(06)(a)"/>
-            <link rel="depends-on" href="#si-3.6_smt.a"/>
             <p>malicious code protection mechanisms are tested <insert type="param" id-ref="si-03.06_odp"/> by introducing known benign code into the system;</p>
+            <link rel="depends-on" href="#si-3.6_smt.a"/>
           </part>
           <part id="si-3.6_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03(06)(b)"/>
-            <link rel="depends-on" href="#si-3.6_smt.b"/>
             <part id="si-3.6_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03(06)(b)[01]"/>
-              <link rel="depends-on" href="#si-3.6_smt.b"/>
               <p>the detection of (benign test) code occurs;</p>
+              <link rel="depends-on" href="#si-3.6_smt.b"/>
             </part>
             <part id="si-3.6_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03(06)(b)[02]"/>
-              <link rel="depends-on" href="#si-3.6_smt.b"/>
               <p>the associated incident reporting occurs.</p>
+              <link rel="depends-on" href="#si-3.6_smt.b"/>
             </part>
+            <link rel="depends-on" href="#si-3.6_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-3.6_smt"/>
         </part>
         <part id="si-3.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75825,17 +75825,17 @@
         </part>
         <part id="si-3.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03(08)"/>
-          <link rel="depends-on" href="#si-3.8_smt"/>
           <part id="si-3.8_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03(08)(a)"/>
-            <link rel="depends-on" href="#si-3.8_smt.a"/>
             <p><insert type="param" id-ref="si-03.08_odp.01"/> are detected through the kernel application programming interface on <insert type="param" id-ref="si-03.08_odp.02"/>;</p>
+            <link rel="depends-on" href="#si-3.8_smt.a"/>
           </part>
           <part id="si-3.8_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03(08)(b)"/>
-            <link rel="depends-on" href="#si-3.8_smt.b"/>
             <p><insert type="param" id-ref="si-03.08_odp.03"/> is/are performed.</p>
+            <link rel="depends-on" href="#si-3.8_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-3.8_smt"/>
         </part>
         <part id="si-3.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -75911,26 +75911,26 @@
         </part>
         <part id="si-3.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-03(10)"/>
-          <link rel="depends-on" href="#si-3.10_smt"/>
           <part id="si-3.10_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03(10)(a)"/>
-            <link rel="depends-on" href="#si-3.10_smt.a"/>
             <p><insert type="param" id-ref="si-03.10_odp"/> are employed to analyze the characteristics and behavior of malicious code;</p>
+            <link rel="depends-on" href="#si-3.10_smt.a"/>
           </part>
           <part id="si-3.10_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-03(10)(b)"/>
-            <link rel="depends-on" href="#si-3.10_smt.b"/>
             <part id="si-3.10_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03(10)(b)[01]"/>
-              <link rel="depends-on" href="#si-3.10_smt.b"/>
               <p>the results from malicious code analysis are incorporated into organizational incident response processes;</p>
+              <link rel="depends-on" href="#si-3.10_smt.b"/>
             </part>
             <part id="si-3.10_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-03(10)(b)[02]"/>
-              <link rel="depends-on" href="#si-3.10_smt.b"/>
               <p>the results from malicious code analysis are incorporated into organizational flaw remediation processes.</p>
+              <link rel="depends-on" href="#si-3.10_smt.b"/>
             </part>
+            <link rel="depends-on" href="#si-3.10_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-3.10_smt"/>
         </part>
         <part id="si-3.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76129,83 +76129,83 @@
       </part>
       <part id="si-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-04"/>
-        <link rel="depends-on" href="#si-4_smt"/>
         <part id="si-4_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04a."/>
-          <link rel="depends-on" href="#si-4_smt.a"/>
           <part id="si-4_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04a.01"/>
-            <link rel="depends-on" href="#si-4_smt.a.1"/>
             <p>the system is monitored to detect attacks and indicators of potential attacks in accordance with <insert type="param" id-ref="si-04_odp.01"/>;</p>
+            <link rel="depends-on" href="#si-4_smt.a.1"/>
           </part>
           <part id="si-4_obj.a.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04a.02"/>
-            <link rel="depends-on" href="#si-4_smt.a.2"/>
             <part id="si-4_obj.a.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04a.02[01]"/>
-              <link rel="depends-on" href="#si-4_smt.a.2"/>
               <p>the system is monitored to detect unauthorized local connections;</p>
+              <link rel="depends-on" href="#si-4_smt.a.2"/>
             </part>
             <part id="si-4_obj.a.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04a.02[02]"/>
-              <link rel="depends-on" href="#si-4_smt.a.2"/>
               <p>the system is monitored to detect unauthorized network connections;</p>
+              <link rel="depends-on" href="#si-4_smt.a.2"/>
             </part>
             <part id="si-4_obj.a.2-3" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04a.02[03]"/>
-              <link rel="depends-on" href="#si-4_smt.a.2"/>
               <p>the system is monitored to detect unauthorized remote connections;</p>
+              <link rel="depends-on" href="#si-4_smt.a.2"/>
             </part>
+            <link rel="depends-on" href="#si-4_smt.a.2"/>
           </part>
+          <link rel="depends-on" href="#si-4_smt.a"/>
         </part>
         <part id="si-4_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04b."/>
-          <link rel="depends-on" href="#si-4_smt.b"/>
           <p>unauthorized use of the system is identified through <insert type="param" id-ref="si-04_odp.02"/>;</p>
+          <link rel="depends-on" href="#si-4_smt.b"/>
         </part>
         <part id="si-4_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04c."/>
-          <link rel="depends-on" href="#si-4_smt.c"/>
           <part id="si-4_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04c.01"/>
-            <link rel="depends-on" href="#si-4_smt.c.1"/>
             <p>internal monitoring capabilities are invoked or monitoring devices are deployed strategically within the system to collect organization-determined essential information;</p>
+            <link rel="depends-on" href="#si-4_smt.c.1"/>
           </part>
           <part id="si-4_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04c.02"/>
-            <link rel="depends-on" href="#si-4_smt.c.2"/>
             <p>internal monitoring capabilities are invoked or monitoring devices are deployed at ad hoc locations within the system to track specific types of transactions of interest to the organization;</p>
+            <link rel="depends-on" href="#si-4_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#si-4_smt.c"/>
         </part>
         <part id="si-4_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04d."/>
-          <link rel="depends-on" href="#si-4_smt.d"/>
           <part id="si-4_obj.d-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04d.[01]"/>
-            <link rel="depends-on" href="#si-4_smt.d"/>
             <p>detected events are analyzed;</p>
+            <link rel="depends-on" href="#si-4_smt.d"/>
           </part>
           <part id="si-4_obj.d-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04d.[02]"/>
-            <link rel="depends-on" href="#si-4_smt.d"/>
             <p>detected anomalies are analyzed;</p>
+            <link rel="depends-on" href="#si-4_smt.d"/>
           </part>
+          <link rel="depends-on" href="#si-4_smt.d"/>
         </part>
         <part id="si-4_obj.e" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04e."/>
-          <link rel="depends-on" href="#si-4_smt.e"/>
           <p>the level of system monitoring activity is adjusted when there is a change in risk to organizational operations and assets, individuals, other organizations, or the Nation;</p>
+          <link rel="depends-on" href="#si-4_smt.e"/>
         </part>
         <part id="si-4_obj.f" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04f."/>
-          <link rel="depends-on" href="#si-4_smt.f"/>
           <p>a legal opinion regarding system monitoring activities is obtained;</p>
+          <link rel="depends-on" href="#si-4_smt.f"/>
         </part>
         <part id="si-4_obj.g" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04g."/>
-          <link rel="depends-on" href="#si-4_smt.g"/>
           <p><insert type="param" id-ref="si-04_odp.03"/> is provided to <insert type="param" id-ref="si-04_odp.04"/> <insert type="param" id-ref="si-04_odp.05"/>.</p>
+          <link rel="depends-on" href="#si-4_smt.g"/>
         </part>
+        <link rel="depends-on" href="#si-4_smt"/>
       </part>
       <part id="si-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76259,17 +76259,17 @@
         </part>
         <part id="si-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(01)"/>
-          <link rel="depends-on" href="#si-4.1_smt"/>
           <part id="si-4.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(01)[01]"/>
-            <link rel="depends-on" href="#si-4.1_smt"/>
             <p>individual intrusion detection tools are connected to a system-wide intrusion detection system;</p>
+            <link rel="depends-on" href="#si-4.1_smt"/>
           </part>
           <part id="si-4.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(01)[02]"/>
-            <link rel="depends-on" href="#si-4.1_smt"/>
             <p>individual intrusion detection tools are configured into a system-wide intrusion detection system.</p>
+            <link rel="depends-on" href="#si-4.1_smt"/>
           </part>
+          <link rel="depends-on" href="#si-4.1_smt"/>
         </part>
         <part id="si-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76324,8 +76324,8 @@
         </part>
         <part id="si-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(02)"/>
-          <link rel="depends-on" href="#si-4.2_smt"/>
           <p>automated tools and mechanisms are employed to support a near real-time analysis of events.</p>
+          <link rel="depends-on" href="#si-4.2_smt"/>
         </part>
         <part id="si-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76386,17 +76386,17 @@
         </part>
         <part id="si-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(03)"/>
-          <link rel="depends-on" href="#si-4.3_smt"/>
           <part id="si-4.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(03)[01]"/>
-            <link rel="depends-on" href="#si-4.3_smt"/>
             <p>automated tools and mechanisms are employed to integrate intrusion detection tools and mechanisms into access control mechanisms;</p>
+            <link rel="depends-on" href="#si-4.3_smt"/>
           </part>
           <part id="si-4.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(03)[02]"/>
-            <link rel="depends-on" href="#si-4.3_smt"/>
             <p>automated tools and mechanisms are employed to integrate intrusion detection tools and mechanisms into flow control mechanisms.</p>
+            <link rel="depends-on" href="#si-4.3_smt"/>
           </part>
+          <link rel="depends-on" href="#si-4.3_smt"/>
         </part>
         <part id="si-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76497,35 +76497,35 @@
         </part>
         <part id="si-4.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(04)"/>
-          <link rel="depends-on" href="#si-4.4_smt"/>
           <part id="si-4.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(04)(a)"/>
-            <link rel="depends-on" href="#si-4.4_smt.a"/>
             <part id="si-4.4_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(04)(a)[01]"/>
-              <link rel="depends-on" href="#si-4.4_smt.a"/>
               <p>criteria for unusual or unauthorized activities or conditions for inbound communications traffic are defined;</p>
+              <link rel="depends-on" href="#si-4.4_smt.a"/>
             </part>
             <part id="si-4.4_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(04)(a)[02]"/>
-              <link rel="depends-on" href="#si-4.4_smt.a"/>
               <p>criteria for unusual or unauthorized activities or conditions for outbound communications traffic are defined;</p>
+              <link rel="depends-on" href="#si-4.4_smt.a"/>
             </part>
+            <link rel="depends-on" href="#si-4.4_smt.a"/>
           </part>
           <part id="si-4.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(04)(b)"/>
-            <link rel="depends-on" href="#si-4.4_smt.b"/>
             <part id="si-4.4_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(04)(b)[01]"/>
-              <link rel="depends-on" href="#si-4.4_smt.b"/>
               <p>inbound communications traffic is monitored <insert type="param" id-ref="si-04.04_odp.01"/> for <insert type="param" id-ref="si-04.04_odp.02"/>;</p>
+              <link rel="depends-on" href="#si-4.4_smt.b"/>
             </part>
             <part id="si-4.4_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(04)(b)[02]"/>
-              <link rel="depends-on" href="#si-4.4_smt.b"/>
               <p>outbound communications traffic is monitored <insert type="param" id-ref="si-04.04_odp.03"/> for <insert type="param" id-ref="si-04.04_odp.04"/>.</p>
+              <link rel="depends-on" href="#si-4.4_smt.b"/>
             </part>
+            <link rel="depends-on" href="#si-4.4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-4.4_smt"/>
         </part>
         <part id="si-4.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76599,8 +76599,8 @@
         </part>
         <part id="si-4.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(05)"/>
-          <link rel="depends-on" href="#si-4.5_smt"/>
           <p><insert type="param" id-ref="si-04.05_odp.01"/> are alerted when system-generated <insert type="param" id-ref="si-04.05_odp.02"/> occur.</p>
+          <link rel="depends-on" href="#si-4.5_smt"/>
         </part>
         <part id="si-4.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76691,17 +76691,17 @@
         </part>
         <part id="si-4.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(07)"/>
-          <link rel="depends-on" href="#si-4.7_smt"/>
           <part id="si-4.7_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(07)(a)"/>
-            <link rel="depends-on" href="#si-4.7_smt.a"/>
             <p><insert type="param" id-ref="si-04.07_odp.01"/> are notified of detected suspicious events;</p>
+            <link rel="depends-on" href="#si-4.7_smt.a"/>
           </part>
           <part id="si-4.7_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(07)(b)"/>
-            <link rel="depends-on" href="#si-4.7_smt.b"/>
             <p><insert type="param" id-ref="si-04.07_odp.02"/> are taken upon the detection of suspicious events.</p>
+            <link rel="depends-on" href="#si-4.7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-4.7_smt"/>
         </part>
         <part id="si-4.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76775,8 +76775,8 @@
         </part>
         <part id="si-4.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(09)"/>
-          <link rel="depends-on" href="#si-4.9_smt"/>
           <p>intrusion-monitoring tools and mechanisms are tested <insert type="param" id-ref="si-04.09_odp"/>.</p>
+          <link rel="depends-on" href="#si-4.9_smt"/>
         </part>
         <part id="si-4.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76843,8 +76843,8 @@
         </part>
         <part id="si-4.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(10)"/>
-          <link rel="depends-on" href="#si-4.10_smt"/>
           <p>provisions are made so that <insert type="param" id-ref="si-04.10_odp.01"/> is visible to <insert type="param" id-ref="si-04.10_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-4.10_smt"/>
         </part>
         <part id="si-4.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76908,17 +76908,17 @@
         </part>
         <part id="si-4.11_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(11)"/>
-          <link rel="depends-on" href="#si-4.11_smt"/>
           <part id="si-4.11_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(11)[01]"/>
-            <link rel="depends-on" href="#si-4.11_smt"/>
             <p>outbound communications traffic at the external interfaces to the system is analyzed to discover anomalies;</p>
+            <link rel="depends-on" href="#si-4.11_smt"/>
           </part>
           <part id="si-4.11_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(11)[02]"/>
-            <link rel="depends-on" href="#si-4.11_smt"/>
             <p>outbound communications traffic at <insert type="param" id-ref="si-04.11_odp"/> is analyzed to discover anomalies.</p>
+            <link rel="depends-on" href="#si-4.11_smt"/>
           </part>
+          <link rel="depends-on" href="#si-4.11_smt"/>
         </part>
         <part id="si-4.11_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -76999,8 +76999,8 @@
         </part>
         <part id="si-4.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(12)"/>
-          <link rel="depends-on" href="#si-4.12_smt"/>
           <p><insert type="param" id-ref="si-04.12_odp.01"/> is/are alerted using <insert type="param" id-ref="si-04.12_odp.02"/> when <insert type="param" id-ref="si-04.12_odp.03"/> indicate inappropriate or unusual activities with security or privacy implications.</p>
+          <link rel="depends-on" href="#si-4.12_smt"/>
         </part>
         <part id="si-4.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77072,49 +77072,49 @@
         </part>
         <part id="si-4.13_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(13)"/>
-          <link rel="depends-on" href="#si-4.13_smt"/>
           <part id="si-4.13_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(13)(a)"/>
-            <link rel="depends-on" href="#si-4.13_smt.a"/>
             <part id="si-4.13_obj.a-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(13)(a)[01]"/>
-              <link rel="depends-on" href="#si-4.13_smt.a"/>
               <p>communications traffic for the system is analyzed;</p>
+              <link rel="depends-on" href="#si-4.13_smt.a"/>
             </part>
             <part id="si-4.13_obj.a-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(13)(a)[02]"/>
-              <link rel="depends-on" href="#si-4.13_smt.a"/>
               <p>event patterns for the system are analyzed;</p>
+              <link rel="depends-on" href="#si-4.13_smt.a"/>
             </part>
+            <link rel="depends-on" href="#si-4.13_smt.a"/>
           </part>
           <part id="si-4.13_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(13)(b)"/>
-            <link rel="depends-on" href="#si-4.13_smt.b"/>
             <part id="si-4.13_obj.b-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(13)(b)[01]"/>
-              <link rel="depends-on" href="#si-4.13_smt.b"/>
               <p>profiles representing common traffic are developed;</p>
+              <link rel="depends-on" href="#si-4.13_smt.b"/>
             </part>
             <part id="si-4.13_obj.b-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(13)(b)[02]"/>
-              <link rel="depends-on" href="#si-4.13_smt.b"/>
               <p>profiles representing event patterns are developed;</p>
+              <link rel="depends-on" href="#si-4.13_smt.b"/>
             </part>
+            <link rel="depends-on" href="#si-4.13_smt.b"/>
           </part>
           <part id="si-4.13_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(13)(c)"/>
-            <link rel="depends-on" href="#si-4.13_smt.c"/>
             <part id="si-4.13_obj.c-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(13)(c)[01]"/>
-              <link rel="depends-on" href="#si-4.13_smt.c"/>
               <p>traffic profiles are used in tuning system-monitoring devices;</p>
+              <link rel="depends-on" href="#si-4.13_smt.c"/>
             </part>
             <part id="si-4.13_obj.c-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SI-04(13)(c)[02]"/>
-              <link rel="depends-on" href="#si-4.13_smt.c"/>
               <p>event profiles are used in tuning system-monitoring devices.</p>
+              <link rel="depends-on" href="#si-4.13_smt.c"/>
             </part>
+            <link rel="depends-on" href="#si-4.13_smt.c"/>
           </part>
+          <link rel="depends-on" href="#si-4.13_smt"/>
         </part>
         <part id="si-4.13_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77172,22 +77172,22 @@
         </part>
         <part id="si-4.14_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(14)"/>
-          <link rel="depends-on" href="#si-4.14_smt"/>
           <part id="si-4.14_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(14)[01]"/>
-            <link rel="depends-on" href="#si-4.14_smt"/>
             <p>a wireless intrusion detection system is employed to identify rogue wireless devices;</p>
+            <link rel="depends-on" href="#si-4.14_smt"/>
           </part>
           <part id="si-4.14_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(14)[02]"/>
-            <link rel="depends-on" href="#si-4.14_smt"/>
             <p>a wireless intrusion detection system is employed to detect attack attempts on the system;</p>
+            <link rel="depends-on" href="#si-4.14_smt"/>
           </part>
           <part id="si-4.14_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(14)[03]"/>
-            <link rel="depends-on" href="#si-4.14_smt"/>
             <p>a wireless intrusion detection system is employed to detect potential compromises or breaches to the system.</p>
+            <link rel="depends-on" href="#si-4.14_smt"/>
           </part>
+          <link rel="depends-on" href="#si-4.14_smt"/>
         </part>
         <part id="si-4.14_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77242,8 +77242,8 @@
         </part>
         <part id="si-4.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(15)"/>
-          <link rel="depends-on" href="#si-4.15_smt"/>
           <p>an intrusion detection system is employed to monitor wireless communications traffic as the traffic passes from wireless to wireline networks.</p>
+          <link rel="depends-on" href="#si-4.15_smt"/>
         </part>
         <part id="si-4.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77300,8 +77300,8 @@
         </part>
         <part id="si-4.16_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(16)"/>
-          <link rel="depends-on" href="#si-4.16_smt"/>
           <p>information from monitoring tools and mechanisms employed throughout the system is correlated.</p>
+          <link rel="depends-on" href="#si-4.16_smt"/>
         </part>
         <part id="si-4.16_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77361,8 +77361,8 @@
         </part>
         <part id="si-4.17_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(17)"/>
-          <link rel="depends-on" href="#si-4.17_smt"/>
           <p>information from monitoring physical, cyber, and supply chain activities are correlated to achieve integrated, organization-wide situational awareness.</p>
+          <link rel="depends-on" href="#si-4.17_smt"/>
         </part>
         <part id="si-4.17_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77428,17 +77428,17 @@
         </part>
         <part id="si-4.18_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(18)"/>
-          <link rel="depends-on" href="#si-4.18_smt"/>
           <part id="si-4.18_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(18)[01]"/>
-            <link rel="depends-on" href="#si-4.18_smt"/>
             <p>outbound communications traffic is analyzed at interfaces external to the system to detect covert exfiltration of information;</p>
+            <link rel="depends-on" href="#si-4.18_smt"/>
           </part>
           <part id="si-4.18_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(18)[02]"/>
-            <link rel="depends-on" href="#si-4.18_smt"/>
             <p>outbound communications traffic is analyzed at <insert type="param" id-ref="si-04.18_odp"/> to detect covert exfiltration of information.</p>
+            <link rel="depends-on" href="#si-4.18_smt"/>
           </part>
+          <link rel="depends-on" href="#si-4.18_smt"/>
         </part>
         <part id="si-4.18_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77510,8 +77510,8 @@
         </part>
         <part id="si-4.19_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(19)"/>
-          <link rel="depends-on" href="#si-4.19_smt"/>
           <p><insert type="param" id-ref="si-04.19_odp.01"/> is implemented on individuals who have been identified by <insert type="param" id-ref="si-04.19_odp.02"/> as posing an increased level of risk.</p>
+          <link rel="depends-on" href="#si-4.19_smt"/>
         </part>
         <part id="si-4.19_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77576,8 +77576,8 @@
         </part>
         <part id="si-4.20_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(20)"/>
-          <link rel="depends-on" href="#si-4.20_smt"/>
           <p><insert type="param" id-ref="si-04.20_odp"/> of privileged users is implemented.</p>
+          <link rel="depends-on" href="#si-4.20_smt"/>
         </part>
         <part id="si-4.20_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77647,8 +77647,8 @@
         </part>
         <part id="si-4.21_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(21)"/>
-          <link rel="depends-on" href="#si-4.21_smt"/>
           <p><insert type="param" id-ref="si-04.21_odp.01"/> of individuals is implemented during <insert type="param" id-ref="si-04.21_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-4.21_smt"/>
         </part>
         <part id="si-4.21_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77733,17 +77733,17 @@
         </part>
         <part id="si-4.22_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(22)"/>
-          <link rel="depends-on" href="#si-4.22_smt"/>
           <part id="si-4.22_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(22)(a)"/>
-            <link rel="depends-on" href="#si-4.22_smt.a"/>
             <p>network services that have not been authorized or approved by <insert type="param" id-ref="si-04.22_odp.01"/> are detected;</p>
+            <link rel="depends-on" href="#si-4.22_smt.a"/>
           </part>
           <part id="si-4.22_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(22)(b)"/>
-            <link rel="depends-on" href="#si-4.22_smt.b"/>
             <p><insert type="param" id-ref="si-04.22_odp.02"/> is/are initiated when network services that have not been authorized or approved by authorization or approval processes are detected.</p>
+            <link rel="depends-on" href="#si-4.22_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-4.22_smt"/>
         </part>
         <part id="si-4.22_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77819,8 +77819,8 @@
         </part>
         <part id="si-4.23_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(23)"/>
-          <link rel="depends-on" href="#si-4.23_smt"/>
           <p><insert type="param" id-ref="si-04.23_odp.01"/> are implemented on <insert type="param" id-ref="si-04.23_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-4.23_smt"/>
         </part>
         <part id="si-4.23_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77892,22 +77892,22 @@
         </part>
         <part id="si-4.24_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(24)"/>
-          <link rel="depends-on" href="#si-4.24_smt"/>
           <part id="si-4.24_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(24)[01]"/>
-            <link rel="depends-on" href="#si-4.24_smt"/>
             <p>indicators of compromise provided by <insert type="param" id-ref="si-04.24_odp.01"/> are discovered;</p>
+            <link rel="depends-on" href="#si-4.24_smt"/>
           </part>
           <part id="si-4.24_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(24)[02]"/>
-            <link rel="depends-on" href="#si-4.24_smt"/>
             <p>indicators of compromise provided by <insert type="param" id-ref="si-04.24_odp.01"/> are collected;</p>
+            <link rel="depends-on" href="#si-4.24_smt"/>
           </part>
           <part id="si-4.24_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(24)[03]"/>
-            <link rel="depends-on" href="#si-4.24_smt"/>
             <p>indicators of compromise provided by <insert type="param" id-ref="si-04.24_odp.01"/> are distributed to <insert type="param" id-ref="si-04.24_odp.02"/>.</p>
+            <link rel="depends-on" href="#si-4.24_smt"/>
           </part>
+          <link rel="depends-on" href="#si-4.24_smt"/>
         </part>
         <part id="si-4.24_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -77963,17 +77963,17 @@
         </part>
         <part id="si-4.25_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-04(25)"/>
-          <link rel="depends-on" href="#si-4.25_smt"/>
           <part id="si-4.25_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(25)[01]"/>
-            <link rel="depends-on" href="#si-4.25_smt"/>
             <p>visibility into network traffic at external system interfaces is provided to optimize the effectiveness of monitoring devices;</p>
+            <link rel="depends-on" href="#si-4.25_smt"/>
           </part>
           <part id="si-4.25_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-04(25)[02]"/>
-            <link rel="depends-on" href="#si-4.25_smt"/>
             <p>visibility into network traffic at key internal system interfaces is provided to optimize the effectiveness of monitoring devices.</p>
+            <link rel="depends-on" href="#si-4.25_smt"/>
           </part>
+          <link rel="depends-on" href="#si-4.25_smt"/>
         </part>
         <part id="si-4.25_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78092,27 +78092,27 @@
       </part>
       <part id="si-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-05"/>
-        <link rel="depends-on" href="#si-5_smt"/>
         <part id="si-5_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-05a."/>
-          <link rel="depends-on" href="#si-5_smt.a"/>
           <p>system security alerts, advisories, and directives are received from <insert type="param" id-ref="si-05_odp.01"/> on an ongoing basis;</p>
+          <link rel="depends-on" href="#si-5_smt.a"/>
         </part>
         <part id="si-5_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-05b."/>
-          <link rel="depends-on" href="#si-5_smt.b"/>
           <p>internal security alerts, advisories, and directives are generated as deemed necessary;</p>
+          <link rel="depends-on" href="#si-5_smt.b"/>
         </part>
         <part id="si-5_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-05c."/>
-          <link rel="depends-on" href="#si-5_smt.c"/>
           <p>security alerts, advisories, and directives are disseminated to <insert type="param" id-ref="si-05_odp.02"/>;</p>
+          <link rel="depends-on" href="#si-5_smt.c"/>
         </part>
         <part id="si-5_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-05d."/>
-          <link rel="depends-on" href="#si-5_smt.d"/>
           <p>security directives are implemented in accordance with established time frames or if the issuing organization is notified of the degree of noncompliance.</p>
+          <link rel="depends-on" href="#si-5_smt.d"/>
         </part>
+        <link rel="depends-on" href="#si-5_smt"/>
       </part>
       <part id="si-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78170,8 +78170,8 @@
         </part>
         <part id="si-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-05(01)"/>
-          <link rel="depends-on" href="#si-5.1_smt"/>
           <p><insert type="param" id-ref="si-05.01_odp"/> are used to broadcast security alert and advisory information throughout the organization.</p>
+          <link rel="depends-on" href="#si-5.1_smt"/>
         </part>
         <part id="si-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78314,54 +78314,54 @@
       </part>
       <part id="si-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-06"/>
-        <link rel="depends-on" href="#si-6_smt"/>
         <part id="si-6_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-06a."/>
-          <link rel="depends-on" href="#si-6_smt.a"/>
           <part id="si-6_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06a.[01]"/>
-            <link rel="depends-on" href="#si-6_smt.a"/>
             <p><insert type="param" id-ref="si-06_odp.01"/> are verified to be operating correctly;</p>
+            <link rel="depends-on" href="#si-6_smt.a"/>
           </part>
           <part id="si-6_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06a.[02]"/>
-            <link rel="depends-on" href="#si-6_smt.a"/>
             <p><insert type="param" id-ref="si-06_odp.02"/> are verified to be operating correctly;</p>
+            <link rel="depends-on" href="#si-6_smt.a"/>
           </part>
+          <link rel="depends-on" href="#si-6_smt.a"/>
         </part>
         <part id="si-6_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-06b."/>
-          <link rel="depends-on" href="#si-6_smt.b"/>
           <part id="si-6_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06b.[01]"/>
-            <link rel="depends-on" href="#si-6_smt.b"/>
             <p><insert type="param" id-ref="si-06_odp.01"/> are verified <insert type="param" id-ref="si-06_odp.03"/>;</p>
+            <link rel="depends-on" href="#si-6_smt.b"/>
           </part>
           <part id="si-6_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06b.[02]"/>
-            <link rel="depends-on" href="#si-6_smt.b"/>
             <p><insert type="param" id-ref="si-06_odp.02"/> are verified <insert type="param" id-ref="si-06_odp.03"/>;</p>
+            <link rel="depends-on" href="#si-6_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-6_smt.b"/>
         </part>
         <part id="si-6_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-06c."/>
-          <link rel="depends-on" href="#si-6_smt.c"/>
           <part id="si-6_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06c.[01]"/>
-            <link rel="depends-on" href="#si-6_smt.c"/>
             <p><insert type="param" id-ref="si-06_odp.06"/> is/are alerted to failed security verification tests;</p>
+            <link rel="depends-on" href="#si-6_smt.c"/>
           </part>
           <part id="si-6_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06c.[02]"/>
-            <link rel="depends-on" href="#si-6_smt.c"/>
             <p><insert type="param" id-ref="si-06_odp.06"/> is/are alerted to failed privacy verification tests;</p>
+            <link rel="depends-on" href="#si-6_smt.c"/>
           </part>
+          <link rel="depends-on" href="#si-6_smt.c"/>
         </part>
         <part id="si-6_obj.d" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-06d."/>
-          <link rel="depends-on" href="#si-6_smt.d"/>
           <p><insert type="param" id-ref="si-06_odp.07"/> is/are initiated when anomalies are discovered.</p>
+          <link rel="depends-on" href="#si-6_smt.d"/>
         </part>
+        <link rel="depends-on" href="#si-6_smt"/>
       </part>
       <part id="si-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78423,17 +78423,17 @@
         </part>
         <part id="si-6.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-06(02)"/>
-          <link rel="depends-on" href="#si-6.2_smt"/>
           <part id="si-6.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06(02)[01]"/>
-            <link rel="depends-on" href="#si-6.2_smt"/>
             <p>automated mechanisms are implemented to support the management of distributed security function testing;</p>
+            <link rel="depends-on" href="#si-6.2_smt"/>
           </part>
           <part id="si-6.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06(02)[02]"/>
-            <link rel="depends-on" href="#si-6.2_smt"/>
             <p>automated mechanisms are implemented to support the management of distributed privacy function testing.</p>
+            <link rel="depends-on" href="#si-6.2_smt"/>
           </part>
+          <link rel="depends-on" href="#si-6.2_smt"/>
         </part>
         <part id="si-6.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78495,17 +78495,17 @@
         </part>
         <part id="si-6.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-06(03)"/>
-          <link rel="depends-on" href="#si-6.3_smt"/>
           <part id="si-6.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06(03)[01]"/>
-            <link rel="depends-on" href="#si-6.3_smt"/>
             <p>the results of security function verification are reported to <insert type="param" id-ref="si-06.03_odp"/>;</p>
+            <link rel="depends-on" href="#si-6.3_smt"/>
           </part>
           <part id="si-6.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-06(03)[02]"/>
-            <link rel="depends-on" href="#si-6.3_smt"/>
             <p>the results of privacy function verification are reported to <insert type="param" id-ref="si-06.03_odp"/>.</p>
+            <link rel="depends-on" href="#si-6.3_smt"/>
           </part>
+          <link rel="depends-on" href="#si-6.3_smt"/>
         </part>
         <part id="si-6.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78649,45 +78649,45 @@
       </part>
       <part id="si-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-07"/>
-        <link rel="depends-on" href="#si-7_smt"/>
         <part id="si-7_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07a."/>
-          <link rel="depends-on" href="#si-7_smt.a"/>
           <part id="si-7_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07a.[01]"/>
-            <link rel="depends-on" href="#si-7_smt.a"/>
             <p>integrity verification tools are employed to detect unauthorized changes to <insert type="param" id-ref="si-07_odp.01"/>;</p>
+            <link rel="depends-on" href="#si-7_smt.a"/>
           </part>
           <part id="si-7_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07a.[02]"/>
-            <link rel="depends-on" href="#si-7_smt.a"/>
             <p>integrity verification tools are employed to detect unauthorized changes to <insert type="param" id-ref="si-07_odp.02"/>;</p>
+            <link rel="depends-on" href="#si-7_smt.a"/>
           </part>
           <part id="si-7_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07a.[03]"/>
-            <link rel="depends-on" href="#si-7_smt.a"/>
             <p>integrity verification tools are employed to detect unauthorized changes to <insert type="param" id-ref="si-07_odp.03"/>;</p>
+            <link rel="depends-on" href="#si-7_smt.a"/>
           </part>
+          <link rel="depends-on" href="#si-7_smt.a"/>
         </part>
         <part id="si-7_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07b."/>
-          <link rel="depends-on" href="#si-7_smt.b"/>
           <part id="si-7_obj.b-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07b.[01]"/>
-            <link rel="depends-on" href="#si-7_smt.b"/>
             <p><insert type="param" id-ref="si-07_odp.04"/> are taken when unauthorized changes to the software, are detected;</p>
+            <link rel="depends-on" href="#si-7_smt.b"/>
           </part>
           <part id="si-7_obj.b-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07b.[02]"/>
-            <link rel="depends-on" href="#si-7_smt.b"/>
             <p><insert type="param" id-ref="si-07_odp.05"/> are taken when unauthorized changes to the firmware are detected;</p>
+            <link rel="depends-on" href="#si-7_smt.b"/>
           </part>
           <part id="si-7_obj.b-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07b.[03]"/>
-            <link rel="depends-on" href="#si-7_smt.b"/>
             <p><insert type="param" id-ref="si-07_odp.06"/> are taken when unauthorized changes to the information are detected.</p>
+            <link rel="depends-on" href="#si-7_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-7_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-7_smt"/>
       </part>
       <part id="si-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78854,22 +78854,22 @@
         </part>
         <part id="si-7.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(01)"/>
-          <link rel="depends-on" href="#si-7.1_smt"/>
           <part id="si-7.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(01)[01]"/>
-            <link rel="depends-on" href="#si-7.1_smt"/>
             <p>an integrity check of <insert type="param" id-ref="si-07.01_odp.01"/> is performed <insert type="param" id-ref="si-07.01_odp.02"/>;</p>
+            <link rel="depends-on" href="#si-7.1_smt"/>
           </part>
           <part id="si-7.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(01)[02]"/>
-            <link rel="depends-on" href="#si-7.1_smt"/>
             <p>an integrity check of <insert type="param" id-ref="si-07.01_odp.05"/> is performed <insert type="param" id-ref="si-07.01_odp.06"/>;</p>
+            <link rel="depends-on" href="#si-7.1_smt"/>
           </part>
           <part id="si-7.1_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(01)[03]"/>
-            <link rel="depends-on" href="#si-7.1_smt"/>
             <p>an integrity check of <insert type="param" id-ref="si-07.01_odp.09"/> is performed <insert type="param" id-ref="si-07.01_odp.10"/>.</p>
+            <link rel="depends-on" href="#si-7.1_smt"/>
           </part>
+          <link rel="depends-on" href="#si-7.1_smt"/>
         </part>
         <part id="si-7.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78928,8 +78928,8 @@
         </part>
         <part id="si-7.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(02)"/>
-          <link rel="depends-on" href="#si-7.2_smt"/>
           <p>automated tools that provide notification to <insert type="param" id-ref="si-07.02_odp"/> upon discovering discrepancies during integrity verification are employed.</p>
+          <link rel="depends-on" href="#si-7.2_smt"/>
         </part>
         <part id="si-7.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -78989,8 +78989,8 @@
         </part>
         <part id="si-7.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(03)"/>
-          <link rel="depends-on" href="#si-7.3_smt"/>
           <p>centrally managed integrity verification tools are employed.</p>
+          <link rel="depends-on" href="#si-7.3_smt"/>
         </part>
         <part id="si-7.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79064,8 +79064,8 @@
         </part>
         <part id="si-7.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(05)"/>
-          <link rel="depends-on" href="#si-7.5_smt"/>
           <p><insert type="param" id-ref="si-07.05_odp.01"/> are automatically performed when integrity violations are discovered.</p>
+          <link rel="depends-on" href="#si-7.5_smt"/>
         </part>
         <part id="si-7.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79122,22 +79122,22 @@
         </part>
         <part id="si-7.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(06)"/>
-          <link rel="depends-on" href="#si-7.6_smt"/>
           <part id="si-7.6_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(06)[01]"/>
-            <link rel="depends-on" href="#si-7.6_smt"/>
             <p>cryptographic mechanisms are implemented to detect unauthorized changes to software;</p>
+            <link rel="depends-on" href="#si-7.6_smt"/>
           </part>
           <part id="si-7.6_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(06)[02]"/>
-            <link rel="depends-on" href="#si-7.6_smt"/>
             <p>cryptographic mechanisms are implemented to detect unauthorized changes to firmware;</p>
+            <link rel="depends-on" href="#si-7.6_smt"/>
           </part>
           <part id="si-7.6_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(06)[03]"/>
-            <link rel="depends-on" href="#si-7.6_smt"/>
             <p>cryptographic mechanisms are implemented to detect unauthorized changes to information.</p>
+            <link rel="depends-on" href="#si-7.6_smt"/>
           </part>
+          <link rel="depends-on" href="#si-7.6_smt"/>
         </part>
         <part id="si-7.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79204,8 +79204,8 @@
         </part>
         <part id="si-7.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(07)"/>
-          <link rel="depends-on" href="#si-7.7_smt"/>
           <p>the detection of <insert type="param" id-ref="si-07.07_odp"/> are incorporated into the organizational incident response capability.</p>
+          <link rel="depends-on" href="#si-7.7_smt"/>
         </part>
         <part id="si-7.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79287,17 +79287,17 @@
         </part>
         <part id="si-7.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(08)"/>
-          <link rel="depends-on" href="#si-7.8_smt"/>
           <part id="si-7.8_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(08)[01]"/>
-            <link rel="depends-on" href="#si-7.8_smt"/>
             <p>the capability to audit an event upon the detection of a potential integrity violation is provided;</p>
+            <link rel="depends-on" href="#si-7.8_smt"/>
           </part>
           <part id="si-7.8_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-07(08)[02]"/>
-            <link rel="depends-on" href="#si-7.8_smt"/>
             <p><insert type="param" id-ref="si-07.08_odp.01"/> is/are initiated upon the detection of a potential integrity violation.</p>
+            <link rel="depends-on" href="#si-7.8_smt"/>
           </part>
+          <link rel="depends-on" href="#si-7.8_smt"/>
         </part>
         <part id="si-7.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79363,8 +79363,8 @@
         </part>
         <part id="si-7.9_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(09)"/>
-          <link rel="depends-on" href="#si-7.9_smt"/>
           <p>the integrity of the boot process of <insert type="param" id-ref="si-07.09_odp"/> is verified.</p>
+          <link rel="depends-on" href="#si-7.9_smt"/>
         </part>
         <part id="si-7.9_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79434,8 +79434,8 @@
         </part>
         <part id="si-7.10_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(10)"/>
-          <link rel="depends-on" href="#si-7.10_smt"/>
           <p><insert type="param" id-ref="si-07.10_odp.01"/> are implemented to protect the integrity of boot firmware in <insert type="param" id-ref="si-07.10_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-7.10_smt"/>
         </part>
         <part id="si-7.10_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79507,8 +79507,8 @@
         </part>
         <part id="si-7.12_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(12)"/>
-          <link rel="depends-on" href="#si-7.12_smt"/>
           <p>the integrity of <insert type="param" id-ref="si-07.12_odp"/> is verified prior to execution.</p>
+          <link rel="depends-on" href="#si-7.12_smt"/>
         </part>
         <part id="si-7.12_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79585,8 +79585,8 @@
         </part>
         <part id="si-7.15_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(15)"/>
-          <link rel="depends-on" href="#si-7.15_smt"/>
           <p>cryptographic mechanisms are implemented to authenticate <insert type="param" id-ref="si-07.15_odp"/> prior to installation.</p>
+          <link rel="depends-on" href="#si-7.15_smt"/>
         </part>
         <part id="si-7.15_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79645,8 +79645,8 @@
         </part>
         <part id="si-7.16_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(16)"/>
-          <link rel="depends-on" href="#si-7.16_smt"/>
           <p>processes are prohibited from executing without supervision for more than <insert type="param" id-ref="si-07.16_odp"/>.</p>
+          <link rel="depends-on" href="#si-7.16_smt"/>
         </part>
         <part id="si-7.16_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79707,8 +79707,8 @@
         </part>
         <part id="si-7.17_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-07(17)"/>
-          <link rel="depends-on" href="#si-7.17_smt"/>
           <p><insert type="param" id-ref="si-07.17_odp"/> are implemented for application self-protection at runtime.</p>
+          <link rel="depends-on" href="#si-7.17_smt"/>
         </part>
         <part id="si-7.17_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79773,36 +79773,36 @@
       </part>
       <part id="si-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-08"/>
-        <link rel="depends-on" href="#si-8_smt"/>
         <part id="si-8_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-08a."/>
-          <link rel="depends-on" href="#si-8_smt.a"/>
           <part id="si-8_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-08a.[01]"/>
-            <link rel="depends-on" href="#si-8_smt.a"/>
             <p>spam protection mechanisms are employed at system entry points to detect unsolicited messages;</p>
+            <link rel="depends-on" href="#si-8_smt.a"/>
           </part>
           <part id="si-8_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-08a.[02]"/>
-            <link rel="depends-on" href="#si-8_smt.a"/>
             <p>spam protection mechanisms are employed at system exit points to detect unsolicited messages;</p>
+            <link rel="depends-on" href="#si-8_smt.a"/>
           </part>
           <part id="si-8_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-08a.[03]"/>
-            <link rel="depends-on" href="#si-8_smt.a"/>
             <p>spam protection mechanisms are employed at system entry points to act on unsolicited messages;</p>
+            <link rel="depends-on" href="#si-8_smt.a"/>
           </part>
           <part id="si-8_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-08a.[04]"/>
-            <link rel="depends-on" href="#si-8_smt.a"/>
             <p>spam protection mechanisms are employed at system exit points to act on unsolicited messages;</p>
+            <link rel="depends-on" href="#si-8_smt.a"/>
           </part>
+          <link rel="depends-on" href="#si-8_smt.a"/>
         </part>
         <part id="si-8_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-08b."/>
-          <link rel="depends-on" href="#si-8_smt.b"/>
           <p>spam protection mechanisms are updated when new releases are available in accordance with organizational configuration management policies and procedures.</p>
+          <link rel="depends-on" href="#si-8_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-8_smt"/>
       </part>
       <part id="si-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79870,8 +79870,8 @@
         </part>
         <part id="si-8.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-08(02)"/>
-          <link rel="depends-on" href="#si-8.2_smt"/>
           <p>spam protection mechanisms are automatically updated <insert type="param" id-ref="si-08.02_odp"/>.</p>
+          <link rel="depends-on" href="#si-8.2_smt"/>
         </part>
         <part id="si-8.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79923,8 +79923,8 @@
         </part>
         <part id="si-8.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-08(03)"/>
-          <link rel="depends-on" href="#si-8.3_smt"/>
           <p>spam protection mechanisms with a learning capability are implemented to more effectively identify legitimate communications traffic.</p>
+          <link rel="depends-on" href="#si-8.3_smt"/>
         </part>
         <part id="si-8.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -79998,8 +79998,8 @@
       </part>
       <part id="si-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-10"/>
-        <link rel="depends-on" href="#si-10_smt"/>
         <p>the validity of the <insert type="param" id-ref="si-10_odp"/> is checked.</p>
+        <link rel="depends-on" href="#si-10_smt"/>
       </part>
       <part id="si-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80075,22 +80075,22 @@
         </part>
         <part id="si-10.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-10(01)"/>
-          <link rel="depends-on" href="#si-10.1_smt"/>
           <part id="si-10.1_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-10(01)(a)"/>
-            <link rel="depends-on" href="#si-10.1_smt.a"/>
             <p>a manual override capability for the validation of <insert type="param" id-ref="si-10_odp"/> is provided;</p>
+            <link rel="depends-on" href="#si-10.1_smt.a"/>
           </part>
           <part id="si-10.1_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-10(01)(b)"/>
-            <link rel="depends-on" href="#si-10.1_smt.b"/>
             <p>the use of the manual override capability is restricted to only <insert type="param" id-ref="si-10.01_odp"/>;</p>
+            <link rel="depends-on" href="#si-10.1_smt.b"/>
           </part>
           <part id="si-10.1_obj.c" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-10(01)(c)"/>
-            <link rel="depends-on" href="#si-10.1_smt.c"/>
             <p>the use of the manual override capability is audited.</p>
+            <link rel="depends-on" href="#si-10.1_smt.c"/>
           </part>
+          <link rel="depends-on" href="#si-10.1_smt"/>
         </part>
         <part id="si-10.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80163,17 +80163,17 @@
         </part>
         <part id="si-10.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-10(02)"/>
-          <link rel="depends-on" href="#si-10.2_smt"/>
           <part id="si-10.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-10(02)[01]"/>
-            <link rel="depends-on" href="#si-10.2_smt"/>
             <p>input validation errors are reviewed within <insert type="param" id-ref="si-10.02_odp.01"/>;</p>
+            <link rel="depends-on" href="#si-10.2_smt"/>
           </part>
           <part id="si-10.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-10(02)[02]"/>
-            <link rel="depends-on" href="#si-10.2_smt"/>
             <p>input validation errors are resolved within <insert type="param" id-ref="si-10.02_odp.02"/>.</p>
+            <link rel="depends-on" href="#si-10.2_smt"/>
           </part>
+          <link rel="depends-on" href="#si-10.2_smt"/>
         </part>
         <part id="si-10.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80226,17 +80226,17 @@
         </part>
         <part id="si-10.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-10(03)"/>
-          <link rel="depends-on" href="#si-10.3_smt"/>
           <part id="si-10.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-10(03)[01]"/>
-            <link rel="depends-on" href="#si-10.3_smt"/>
             <p>the system behaves in a predictable manner when invalid inputs are received;</p>
+            <link rel="depends-on" href="#si-10.3_smt"/>
           </part>
           <part id="si-10.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-10(03)[02]"/>
-            <link rel="depends-on" href="#si-10.3_smt"/>
             <p>the system behaves in a documented manner when invalid inputs are received.</p>
+            <link rel="depends-on" href="#si-10.3_smt"/>
           </part>
+          <link rel="depends-on" href="#si-10.3_smt"/>
         </part>
         <part id="si-10.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80286,8 +80286,8 @@
         </part>
         <part id="si-10.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-10(04)"/>
-          <link rel="depends-on" href="#si-10.4_smt"/>
           <p>timing interactions among system components are accounted for in determining appropriate responses for invalid inputs.</p>
+          <link rel="depends-on" href="#si-10.4_smt"/>
         </part>
         <part id="si-10.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80356,8 +80356,8 @@
         </part>
         <part id="si-10.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-10(05)"/>
-          <link rel="depends-on" href="#si-10.5_smt"/>
           <p>the use of information inputs is restricted to <insert type="param" id-ref="si-10.05_odp.01"/> and/or <insert type="param" id-ref="si-10.05_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-10.5_smt"/>
         </part>
         <part id="si-10.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80412,8 +80412,8 @@
         </part>
         <part id="si-10.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-10(06)"/>
-          <link rel="depends-on" href="#si-10.6_smt"/>
           <p>untrusted data injections are prevented.</p>
+          <link rel="depends-on" href="#si-10.6_smt"/>
         </part>
         <part id="si-10.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80485,17 +80485,17 @@
       </part>
       <part id="si-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-11"/>
-        <link rel="depends-on" href="#si-11_smt"/>
         <part id="si-11_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-11a."/>
-          <link rel="depends-on" href="#si-11_smt.a"/>
           <p>error messages that provide the information necessary for corrective actions are generated without revealing information that could be exploited;</p>
+          <link rel="depends-on" href="#si-11_smt.a"/>
         </part>
         <part id="si-11_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-11b."/>
-          <link rel="depends-on" href="#si-11_smt.b"/>
           <p>error messages are revealed only to <insert type="param" id-ref="si-11_odp"/>.</p>
+          <link rel="depends-on" href="#si-11_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-11_smt"/>
       </part>
       <part id="si-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80579,27 +80579,27 @@
       </part>
       <part id="si-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-12"/>
-        <link rel="depends-on" href="#si-12_smt"/>
         <part id="si-12_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-12[01]"/>
-          <link rel="depends-on" href="#si-12_smt"/>
           <p>information within the system is managed in accordance with applicable laws, Executive Orders, directives, regulations, policies, standards, guidelines, and operational requirements;</p>
+          <link rel="depends-on" href="#si-12_smt"/>
         </part>
         <part id="si-12_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-12[02]"/>
-          <link rel="depends-on" href="#si-12_smt"/>
           <p>information within the system is retained in accordance with applicable laws, Executive Orders, directives, regulations, policies, standards, guidelines, and operational requirements;</p>
+          <link rel="depends-on" href="#si-12_smt"/>
         </part>
         <part id="si-12_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-12[03]"/>
-          <link rel="depends-on" href="#si-12_smt"/>
           <p>information output from the system is managed in accordance with applicable laws, Executive Orders, directives, regulations, policies, standards, guidelines, and operational requirements;</p>
+          <link rel="depends-on" href="#si-12_smt"/>
         </part>
         <part id="si-12_obj-4" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-12[04]"/>
-          <link rel="depends-on" href="#si-12_smt"/>
           <p>information output from the system is retained in accordance with applicable laws, Executive Orders, directives, regulations, policies, standards, guidelines, and operational requirements.</p>
+          <link rel="depends-on" href="#si-12_smt"/>
         </part>
+        <link rel="depends-on" href="#si-12_smt"/>
       </part>
       <part id="si-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80664,8 +80664,8 @@
         </part>
         <part id="si-12.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-12(01)"/>
-          <link rel="depends-on" href="#si-12.1_smt"/>
           <p>personally identifiable information being processed in the information life cycle is limited to <insert type="param" id-ref="si-12.01_odp"/>.</p>
+          <link rel="depends-on" href="#si-12.1_smt"/>
         </part>
         <part id="si-12.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80753,22 +80753,22 @@
         </part>
         <part id="si-12.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-12(02)"/>
-          <link rel="depends-on" href="#si-12.2_smt"/>
           <part id="si-12.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-12(02)[01]"/>
-            <link rel="depends-on" href="#si-12.2_smt"/>
             <p><insert type="param" id-ref="si-12.02_odp.01"/> are used to minimize the use of personally identifiable information for research;</p>
+            <link rel="depends-on" href="#si-12.2_smt"/>
           </part>
           <part id="si-12.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-12(02)[02]"/>
-            <link rel="depends-on" href="#si-12.2_smt"/>
             <p><insert type="param" id-ref="si-12.02_odp.02"/> are used to minimize the use of personally identifiable information for testing;</p>
+            <link rel="depends-on" href="#si-12.2_smt"/>
           </part>
           <part id="si-12.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-12(02)[03]"/>
-            <link rel="depends-on" href="#si-12.2_smt"/>
             <p><insert type="param" id-ref="si-12.02_odp.03"/> are used to minimize the use of personally identifiable information for training.</p>
+            <link rel="depends-on" href="#si-12.2_smt"/>
           </part>
+          <link rel="depends-on" href="#si-12.2_smt"/>
         </part>
         <part id="si-12.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80852,22 +80852,22 @@
         </part>
         <part id="si-12.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-12(03)"/>
-          <link rel="depends-on" href="#si-12.3_smt"/>
           <part id="si-12.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-12(03)[01]"/>
-            <link rel="depends-on" href="#si-12.3_smt"/>
             <p><insert type="param" id-ref="si-12.03_odp.01"/> are used to dispose of information following the retention period;</p>
+            <link rel="depends-on" href="#si-12.3_smt"/>
           </part>
           <part id="si-12.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-12(03)[02]"/>
-            <link rel="depends-on" href="#si-12.3_smt"/>
             <p><insert type="param" id-ref="si-12.03_odp.02"/> are used to destroy information following the retention period;</p>
+            <link rel="depends-on" href="#si-12.3_smt"/>
           </part>
           <part id="si-12.3_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-12(03)[03]"/>
-            <link rel="depends-on" href="#si-12.3_smt"/>
             <p><insert type="param" id-ref="si-12.03_odp.03"/> are used to erase information following the retention period.</p>
+            <link rel="depends-on" href="#si-12.3_smt"/>
           </part>
+          <link rel="depends-on" href="#si-12.3_smt"/>
         </part>
         <part id="si-12.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -80957,17 +80957,17 @@
       </part>
       <part id="si-13_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-13"/>
-        <link rel="depends-on" href="#si-13_smt"/>
         <part id="si-13_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-13a."/>
-          <link rel="depends-on" href="#si-13_smt.a"/>
           <p>mean time to failure (MTTF) is determined for <insert type="param" id-ref="si-13_odp.01"/> in specific environments of operation;</p>
+          <link rel="depends-on" href="#si-13_smt.a"/>
         </part>
         <part id="si-13_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-13b."/>
-          <link rel="depends-on" href="#si-13_smt.b"/>
           <p>substitute system components and a means to exchange active and standby components are provided in accordance with <insert type="param" id-ref="si-13_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-13_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-13_smt"/>
       </part>
       <part id="si-13_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81025,8 +81025,8 @@
         </part>
         <part id="si-13.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-13(01)"/>
-          <link rel="depends-on" href="#si-13.1_smt"/>
           <p>system components are taken out of service by transferring component responsibilities to substitute components no later than <insert type="param" id-ref="si-13.01_odp"/> of mean time to failure.</p>
+          <link rel="depends-on" href="#si-13.1_smt"/>
         </part>
         <part id="si-13.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81093,8 +81093,8 @@
         </part>
         <part id="si-13.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-13(03)"/>
-          <link rel="depends-on" href="#si-13.3_smt"/>
           <p>transfers are initiated manually between active and standby system components when the use of the active component reaches <insert type="param" id-ref="si-13.03_odp"/> of the mean time to failure.</p>
+          <link rel="depends-on" href="#si-13.3_smt"/>
         </part>
         <part id="si-13.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81186,17 +81186,17 @@
         </part>
         <part id="si-13.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-13(04)"/>
-          <link rel="depends-on" href="#si-13.4_smt"/>
           <part id="si-13.4_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-13(04)(a)"/>
-            <link rel="depends-on" href="#si-13.4_smt.a"/>
             <p>the standby components are successfully and transparently installed within <insert type="param" id-ref="si-13.04_odp.01"/> if system component failures are detected;</p>
+            <link rel="depends-on" href="#si-13.4_smt.a"/>
           </part>
           <part id="si-13.4_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-13(04)(b)"/>
-            <link rel="depends-on" href="#si-13.4_smt.b"/>
             <p><insert type="param" id-ref="si-13.04_odp.02"/> are performed if system component failures are detected.</p>
+            <link rel="depends-on" href="#si-13.4_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-13.4_smt"/>
         </part>
         <part id="si-13.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81268,8 +81268,8 @@
         </part>
         <part id="si-13.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-13(05)"/>
-          <link rel="depends-on" href="#si-13.5_smt"/>
           <p><insert type="param" id-ref="si-13.05_odp.01"/> <insert type="param" id-ref="si-13.05_odp.02"/> is provided for the system.</p>
+          <link rel="depends-on" href="#si-13.5_smt"/>
         </part>
         <part id="si-13.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81349,17 +81349,17 @@
       </part>
       <part id="si-14_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-14"/>
-        <link rel="depends-on" href="#si-14_smt"/>
         <part id="si-14_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-14[01]"/>
-          <link rel="depends-on" href="#si-14_smt"/>
           <p>non-persistent <insert type="param" id-ref="si-14_odp.01"/> that are initiated in a known state are implemented;</p>
+          <link rel="depends-on" href="#si-14_smt"/>
         </part>
         <part id="si-14_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-14[02]"/>
-          <link rel="depends-on" href="#si-14_smt"/>
           <p>non-persistent <insert type="param" id-ref="si-14_odp.01"/> are terminated <insert type="param" id-ref="si-14_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-14_smt"/>
         </part>
+        <link rel="depends-on" href="#si-14_smt"/>
       </part>
       <part id="si-14_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81416,8 +81416,8 @@
         </part>
         <part id="si-14.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-14(01)"/>
-          <link rel="depends-on" href="#si-14.1_smt"/>
           <p>the software and data employed during system component and service refreshes are obtained from <insert type="param" id-ref="si-14.01_odp"/>.</p>
+          <link rel="depends-on" href="#si-14.1_smt"/>
         </part>
         <part id="si-14.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81505,17 +81505,17 @@
         </part>
         <part id="si-14.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-14(02)"/>
-          <link rel="depends-on" href="#si-14.2_smt"/>
           <part id="si-14.2_obj.a" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-14(02)(a)"/>
-            <link rel="depends-on" href="#si-14.2_smt.a"/>
             <p><insert type="param" id-ref="si-14.02_odp.01"/> is performed;</p>
+            <link rel="depends-on" href="#si-14.2_smt.a"/>
           </part>
           <part id="si-14.2_obj.b" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-14(02)(b)"/>
-            <link rel="depends-on" href="#si-14.2_smt.b"/>
             <p>information is deleted when no longer needed.</p>
+            <link rel="depends-on" href="#si-14.2_smt.b"/>
           </part>
+          <link rel="depends-on" href="#si-14.2_smt"/>
         </part>
         <part id="si-14.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81573,17 +81573,17 @@
         </part>
         <part id="si-14.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-14(03)"/>
-          <link rel="depends-on" href="#si-14.3_smt"/>
           <part id="si-14.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-14(03)[01]"/>
-            <link rel="depends-on" href="#si-14.3_smt"/>
             <p>connections to the system are established on demand;</p>
+            <link rel="depends-on" href="#si-14.3_smt"/>
           </part>
           <part id="si-14.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-14(03)[02]"/>
-            <link rel="depends-on" href="#si-14.3_smt"/>
             <p>connections to the system are terminated after <insert type="param" id-ref="si-14.03_odp"/>.</p>
+            <link rel="depends-on" href="#si-14.3_smt"/>
           </part>
+          <link rel="depends-on" href="#si-14.3_smt"/>
         </part>
         <part id="si-14.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81643,8 +81643,8 @@
       </part>
       <part id="si-15_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-15"/>
-        <link rel="depends-on" href="#si-15_smt"/>
         <p>information output from <insert type="param" id-ref="si-15_odp"/> is validated to ensure that the information is consistent with the expected content.</p>
+        <link rel="depends-on" href="#si-15_smt"/>
       </part>
       <part id="si-15_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81705,8 +81705,8 @@
       </part>
       <part id="si-16_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-16"/>
-        <link rel="depends-on" href="#si-16_smt"/>
         <p><insert type="param" id-ref="si-16_odp"/> are implemented to protect the system memory from unauthorized code execution.</p>
+        <link rel="depends-on" href="#si-16_smt"/>
       </part>
       <part id="si-16_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81779,8 +81779,8 @@
       </part>
       <part id="si-17_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-17"/>
-        <link rel="depends-on" href="#si-17_smt"/>
         <p><insert type="param" id-ref="si-17_odp.01"/> are implemented when <insert type="param" id-ref="si-17_odp.02"/> occur.</p>
+        <link rel="depends-on" href="#si-17_smt"/>
       </part>
       <part id="si-17_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81880,36 +81880,36 @@
       </part>
       <part id="si-18_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-18"/>
-        <link rel="depends-on" href="#si-18_smt"/>
         <part id="si-18_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-18a."/>
-          <link rel="depends-on" href="#si-18_smt.a"/>
           <part id="si-18_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-18a.[01]"/>
-            <link rel="depends-on" href="#si-18_smt.a"/>
             <p>the accuracy of personally identifiable information across the information life cycle is checked <insert type="param" id-ref="si-18_odp.01"/>;</p>
+            <link rel="depends-on" href="#si-18_smt.a"/>
           </part>
           <part id="si-18_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-18a.[02]"/>
-            <link rel="depends-on" href="#si-18_smt.a"/>
             <p>the relevance of personally identifiable information across the information life cycle is checked <insert type="param" id-ref="si-18_odp.02"/>;</p>
+            <link rel="depends-on" href="#si-18_smt.a"/>
           </part>
           <part id="si-18_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-18a.[03]"/>
-            <link rel="depends-on" href="#si-18_smt.a"/>
             <p>the timeliness of personally identifiable information across the information life cycle is checked <insert type="param" id-ref="si-18_odp.03"/>;</p>
+            <link rel="depends-on" href="#si-18_smt.a"/>
           </part>
           <part id="si-18_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-18a.[04]"/>
-            <link rel="depends-on" href="#si-18_smt.a"/>
             <p>the completeness of personally identifiable information across the information life cycle is checked <insert type="param" id-ref="si-18_odp.04"/>;</p>
+            <link rel="depends-on" href="#si-18_smt.a"/>
           </part>
+          <link rel="depends-on" href="#si-18_smt.a"/>
         </part>
         <part id="si-18_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-18b."/>
-          <link rel="depends-on" href="#si-18_smt.b"/>
           <p>inaccurate or outdated personally identifiable information is corrected or deleted.</p>
+          <link rel="depends-on" href="#si-18_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-18_smt"/>
       </part>
       <part id="si-18_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -81974,8 +81974,8 @@
         </part>
         <part id="si-18.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-18(01)"/>
-          <link rel="depends-on" href="#si-18.1_smt"/>
           <p><insert type="param" id-ref="si-18.01_odp"/> are used to correct or delete personally identifiable information that is inaccurate, outdated, incorrectly determined regarding impact, or incorrectly de-identified.</p>
+          <link rel="depends-on" href="#si-18.1_smt"/>
         </part>
         <part id="si-18.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82032,8 +82032,8 @@
         </part>
         <part id="si-18.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-18(02)"/>
-          <link rel="depends-on" href="#si-18.2_smt"/>
           <p>data tags are employed to automate the correction or deletion of personally identifiable information across the information life cycle within organizational systems.</p>
+          <link rel="depends-on" href="#si-18.2_smt"/>
         </part>
         <part id="si-18.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82086,8 +82086,8 @@
         </part>
         <part id="si-18.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-18(03)"/>
-          <link rel="depends-on" href="#si-18.3_smt"/>
           <p>personally identifiable information is collected directly from the individual.</p>
+          <link rel="depends-on" href="#si-18.3_smt"/>
         </part>
         <part id="si-18.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82139,8 +82139,8 @@
         </part>
         <part id="si-18.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-18(04)"/>
-          <link rel="depends-on" href="#si-18.4_smt"/>
           <p>personally identifiable information is corrected or deleted upon request by individuals or their designated representatives.</p>
+          <link rel="depends-on" href="#si-18.4_smt"/>
         </part>
         <part id="si-18.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82202,8 +82202,8 @@
         </part>
         <part id="si-18.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-18(05)"/>
-          <link rel="depends-on" href="#si-18.5_smt"/>
           <p><insert type="param" id-ref="si-18.05_odp"/> and individuals are notified when the personally identifiable information has been corrected or deleted.</p>
+          <link rel="depends-on" href="#si-18.5_smt"/>
         </part>
         <part id="si-18.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82288,17 +82288,17 @@
       </part>
       <part id="si-19_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-19"/>
-        <link rel="depends-on" href="#si-19_smt"/>
         <part id="si-19_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19a."/>
-          <link rel="depends-on" href="#si-19_smt.a"/>
           <p><insert type="param" id-ref="si-19_odp.01"/> are removed from datasets;</p>
+          <link rel="depends-on" href="#si-19_smt.a"/>
         </part>
         <part id="si-19_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19b."/>
-          <link rel="depends-on" href="#si-19_smt.b"/>
           <p>the effectiveness of de-identification is evaluated <insert type="param" id-ref="si-19_odp.02"/>.</p>
+          <link rel="depends-on" href="#si-19_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-19_smt"/>
       </part>
       <part id="si-19_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82349,8 +82349,8 @@
         </part>
         <part id="si-19.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(01)"/>
-          <link rel="depends-on" href="#si-19.1_smt"/>
           <p>the dataset is de-identified upon collection by not collecting personally identifiable information.</p>
+          <link rel="depends-on" href="#si-19.1_smt"/>
         </part>
         <part id="si-19.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82402,8 +82402,8 @@
         </part>
         <part id="si-19.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(02)"/>
-          <link rel="depends-on" href="#si-19.2_smt"/>
           <p>the archiving of personally identifiable information elements is prohibited if those elements in a dataset will not be needed after the dataset is archived.</p>
+          <link rel="depends-on" href="#si-19.2_smt"/>
         </part>
         <part id="si-19.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82455,8 +82455,8 @@
         </part>
         <part id="si-19.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(03)"/>
-          <link rel="depends-on" href="#si-19.3_smt"/>
           <p>personally identifiable information elements are removed from a dataset prior to its release if those elements in the dataset do not need to be part of the data release.</p>
+          <link rel="depends-on" href="#si-19.3_smt"/>
         </part>
         <part id="si-19.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82509,8 +82509,8 @@
         </part>
         <part id="si-19.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(04)"/>
-          <link rel="depends-on" href="#si-19.4_smt"/>
           <p>direct identifiers in a dataset are removed, masked, encrypted, hashed, or replaced.</p>
+          <link rel="depends-on" href="#si-19.4_smt"/>
         </part>
         <part id="si-19.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82562,22 +82562,22 @@
         </part>
         <part id="si-19.5_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(05)"/>
-          <link rel="depends-on" href="#si-19.5_smt"/>
           <part id="si-19.5_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-19(05)[01]"/>
-            <link rel="depends-on" href="#si-19.5_smt"/>
             <p>numerical data is manipulated so that no individual or organization is identifiable in the results of the analysis;</p>
+            <link rel="depends-on" href="#si-19.5_smt"/>
           </part>
           <part id="si-19.5_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-19(05)[02]"/>
-            <link rel="depends-on" href="#si-19.5_smt"/>
             <p>contingency tables are manipulated so that no individual or organization is identifiable in the results of the analysis;</p>
+            <link rel="depends-on" href="#si-19.5_smt"/>
           </part>
           <part id="si-19.5_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-19(05)[03]"/>
-            <link rel="depends-on" href="#si-19.5_smt"/>
             <p>statistical findings are manipulated so that no individual or organization is identifiable in the results of the analysis.</p>
+            <link rel="depends-on" href="#si-19.5_smt"/>
           </part>
+          <link rel="depends-on" href="#si-19.5_smt"/>
         </part>
         <part id="si-19.5_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82632,8 +82632,8 @@
         </part>
         <part id="si-19.6_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(06)"/>
-          <link rel="depends-on" href="#si-19.6_smt"/>
           <p>the disclosure of personally identifiable information is prevented by adding non-deterministic noise to the results of mathematical operations before the results are reported.</p>
+          <link rel="depends-on" href="#si-19.6_smt"/>
         </part>
         <part id="si-19.6_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82685,17 +82685,17 @@
         </part>
         <part id="si-19.7_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(07)"/>
-          <link rel="depends-on" href="#si-19.7_smt"/>
           <part id="si-19.7_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-19(07)[01]"/>
-            <link rel="depends-on" href="#si-19.7_smt"/>
             <p>de-identification is performed using validated algorithms;</p>
+            <link rel="depends-on" href="#si-19.7_smt"/>
           </part>
           <part id="si-19.7_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SI-19(07)[02]"/>
-            <link rel="depends-on" href="#si-19.7_smt"/>
             <p>de-identification is performed using software that is validated to implement the algorithms.</p>
+            <link rel="depends-on" href="#si-19.7_smt"/>
           </part>
+          <link rel="depends-on" href="#si-19.7_smt"/>
         </part>
         <part id="si-19.7_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82747,8 +82747,8 @@
         </part>
         <part id="si-19.8_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-19(08)"/>
-          <link rel="depends-on" href="#si-19.8_smt"/>
           <p>a motivated intruder test is performed on the de-identified dataset to determine if the identified data remains or if the de-identified data can be re-identified.</p>
+          <link rel="depends-on" href="#si-19.8_smt"/>
         </part>
         <part id="si-19.8_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82812,8 +82812,8 @@
       </part>
       <part id="si-20_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-20"/>
-        <link rel="depends-on" href="#si-20_smt"/>
         <p>data or capabilities are embedded in <insert type="param" id-ref="si-20_odp"/> to determine if organizational data has been exfiltrated or improperly removed from the organization.</p>
+        <link rel="depends-on" href="#si-20_smt"/>
       </part>
       <part id="si-20_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82885,8 +82885,8 @@
       </part>
       <part id="si-21_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-21"/>
-        <link rel="depends-on" href="#si-21_smt"/>
         <p>the <insert type="param" id-ref="si-21_odp.01"/> is refreshed <insert type="param" id-ref="si-21_odp.02"/> or is generated on demand and deleted when no longer needed.</p>
+        <link rel="depends-on" href="#si-21_smt"/>
       </part>
       <part id="si-21_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -82972,17 +82972,17 @@
       </part>
       <part id="si-22_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-22"/>
-        <link rel="depends-on" href="#si-22_smt"/>
         <part id="si-22_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-22a."/>
-          <link rel="depends-on" href="#si-22_smt.a"/>
           <p><insert type="param" id-ref="si-22_odp.01"/> for <insert type="param" id-ref="si-22_odp.02"/> are identified;</p>
+          <link rel="depends-on" href="#si-22_smt.a"/>
         </part>
         <part id="si-22_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-22b."/>
-          <link rel="depends-on" href="#si-22_smt.b"/>
           <p>an alternative information source is used for the execution of essential functions or services on <insert type="param" id-ref="si-22_odp.03"/> when the primary source of information is corrupted or unavailable.</p>
+          <link rel="depends-on" href="#si-22_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-22_smt"/>
       </part>
       <part id="si-22_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83065,17 +83065,17 @@
       </part>
       <part id="si-23_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SI-23"/>
-        <link rel="depends-on" href="#si-23_smt"/>
         <part id="si-23_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-23a."/>
-          <link rel="depends-on" href="#si-23_smt.a"/>
           <p>under <insert type="param" id-ref="si-23_odp.01"/>, <insert type="param" id-ref="si-23_odp.02"/> is fragmented;</p>
+          <link rel="depends-on" href="#si-23_smt.a"/>
         </part>
         <part id="si-23_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SI-23b."/>
-          <link rel="depends-on" href="#si-23_smt.b"/>
           <p>under <insert type="param" id-ref="si-23_odp.01"/> , the fragmented information is distributed across <insert type="param" id-ref="si-23_odp.03"/>.</p>
+          <link rel="depends-on" href="#si-23_smt.b"/>
         </part>
+        <link rel="depends-on" href="#si-23_smt"/>
       </part>
       <part id="si-23_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83250,116 +83250,116 @@
       </part>
       <part id="sr-1_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-01"/>
-        <link rel="depends-on" href="#sr-1_smt"/>
         <part id="sr-1_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-01a."/>
-          <link rel="depends-on" href="#sr-1_smt.a"/>
           <part id="sr-1_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-01a.[01]"/>
-            <link rel="depends-on" href="#sr-1_smt.a"/>
             <p>a supply chain risk management policy is developed and documented;</p>
+            <link rel="depends-on" href="#sr-1_smt.a"/>
           </part>
           <part id="sr-1_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-01a.[02]"/>
-            <link rel="depends-on" href="#sr-1_smt.a"/>
             <p>the supply chain risk management policy is disseminated to <insert type="param" id-ref="sr-01_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-1_smt.a"/>
           </part>
           <part id="sr-1_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-01a.[03]"/>
-            <link rel="depends-on" href="#sr-1_smt.a"/>
             <p>supply chain risk management procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls are developed and documented;</p>
+            <link rel="depends-on" href="#sr-1_smt.a"/>
           </part>
           <part id="sr-1_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-01a.[04]"/>
-            <link rel="depends-on" href="#sr-1_smt.a"/>
             <p>the supply chain risk management procedures are disseminated to <insert type="param" id-ref="sr-01_odp.02"/>.</p>
+            <link rel="depends-on" href="#sr-1_smt.a"/>
           </part>
           <part id="sr-1_obj.a.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-01a.01"/>
-            <link rel="depends-on" href="#sr-1_smt.a.1"/>
             <part id="sr-1_obj.a.1.a" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SR-01a.01(a)"/>
-              <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               <part id="sr-1_obj.a.1.a-1" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SR-01a.01(a)[01]"/>
-                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy addresses purpose;</p>
+                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               </part>
               <part id="sr-1_obj.a.1.a-2" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SR-01a.01(a)[02]"/>
-                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy addresses scope; </p>
+                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               </part>
               <part id="sr-1_obj.a.1.a-3" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SR-01a.01(a)[03]"/>
-                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
                 <p><insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy addresses roles;</p>
+                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               </part>
               <part id="sr-1_obj.a.1.a-4" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SR-01a.01(a)[04]"/>
-                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy addresses responsibilities;</p>
+                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               </part>
               <part id="sr-1_obj.a.1.a-5" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SR-01a.01(a)[05]"/>
-                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy addresses management commitment;</p>
+                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               </part>
               <part id="sr-1_obj.a.1.a-6" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SR-01a.01(a)[06]"/>
-                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy addresses coordination among organizational entities;</p>
+                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               </part>
               <part id="sr-1_obj.a.1.a-7" name="assessment-objective">
                 <prop name="label" class="sp800-53a" value="SR-01a.01(a)[07]"/>
-                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
                 <p>the <insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy addresses compliance.</p>
+                <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
               </part>
+              <link rel="depends-on" href="#sr-1_smt.a.1.a"/>
             </part>
             <part id="sr-1_obj.a.1.b" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SR-01a.01(b)"/>
-              <link rel="depends-on" href="#sr-1_smt.a.1.b"/>
               <p>the <insert type="param" id-ref="sr-01_odp.03"/> supply chain risk management policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines;</p>
+              <link rel="depends-on" href="#sr-1_smt.a.1.b"/>
             </part>
+            <link rel="depends-on" href="#sr-1_smt.a.1"/>
           </part>
+          <link rel="depends-on" href="#sr-1_smt.a"/>
         </part>
         <part id="sr-1_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-01b."/>
-          <link rel="depends-on" href="#sr-1_smt.b"/>
           <p>the <insert type="param" id-ref="sr-01_odp.04"/> is designated to manage the development, documentation, and dissemination of the supply chain risk management policy and procedures;</p>
+          <link rel="depends-on" href="#sr-1_smt.b"/>
         </part>
         <part id="sr-1_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-01c."/>
-          <link rel="depends-on" href="#sr-1_smt.c"/>
           <part id="sr-1_obj.c.1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-01c.01"/>
-            <link rel="depends-on" href="#sr-1_smt.c.1"/>
             <part id="sr-1_obj.c.1-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SR-01c.01[01]"/>
-              <link rel="depends-on" href="#sr-1_smt.c.1"/>
               <p>the current supply chain risk management policy is reviewed and updated <insert type="param" id-ref="sr-01_odp.05"/>;</p>
+              <link rel="depends-on" href="#sr-1_smt.c.1"/>
             </part>
             <part id="sr-1_obj.c.1-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SR-01c.01[02]"/>
-              <link rel="depends-on" href="#sr-1_smt.c.1"/>
               <p>the current supply chain risk management policy is reviewed and updated following <insert type="param" id-ref="sr-01_odp.06"/>;</p>
+              <link rel="depends-on" href="#sr-1_smt.c.1"/>
             </part>
+            <link rel="depends-on" href="#sr-1_smt.c.1"/>
           </part>
           <part id="sr-1_obj.c.2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-01c.02"/>
-            <link rel="depends-on" href="#sr-1_smt.c.2"/>
             <part id="sr-1_obj.c.2-1" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SR-01c.02[01]"/>
-              <link rel="depends-on" href="#sr-1_smt.c.2"/>
               <p>the current supply chain risk management procedures are reviewed and updated <insert type="param" id-ref="sr-01_odp.07"/>;</p>
+              <link rel="depends-on" href="#sr-1_smt.c.2"/>
             </part>
             <part id="sr-1_obj.c.2-2" name="assessment-objective">
               <prop name="label" class="sp800-53a" value="SR-01c.02[02]"/>
-              <link rel="depends-on" href="#sr-1_smt.c.2"/>
               <p>the current supply chain risk management procedures are reviewed and updated following <insert type="param" id-ref="sr-01_odp.08"/>.</p>
+              <link rel="depends-on" href="#sr-1_smt.c.2"/>
             </part>
+            <link rel="depends-on" href="#sr-1_smt.c.2"/>
           </part>
+          <link rel="depends-on" href="#sr-1_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sr-1_smt"/>
       </part>
       <part id="sr-1_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83450,75 +83450,75 @@
       </part>
       <part id="sr-2_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-02"/>
-        <link rel="depends-on" href="#sr-2_smt"/>
         <part id="sr-2_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-02a."/>
-          <link rel="depends-on" href="#sr-2_smt.a"/>
           <part id="sr-2_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[01]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>a plan for managing supply chain risks is developed;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[02]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the research and development of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[03]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the design of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[04]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the manufacturing of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-5" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[05]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the acquisition of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-6" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[06]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the delivery of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-7" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[07]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the integration of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-8" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[08]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the operation and maintenance of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
           <part id="sr-2_obj.a-9" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02a.[09]"/>
-            <link rel="depends-on" href="#sr-2_smt.a"/>
             <p>the supply chain risk management plan addresses risks associated with the disposal of <insert type="param" id-ref="sr-02_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-2_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sr-2_smt.a"/>
         </part>
         <part id="sr-2_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-02b."/>
-          <link rel="depends-on" href="#sr-2_smt.b"/>
           <p>the supply chain risk management plan is reviewed and updated <insert type="param" id-ref="sr-02_odp.02"/> or as required to address threat, organizational, or environmental changes;</p>
+          <link rel="depends-on" href="#sr-2_smt.b"/>
         </part>
         <part id="sr-2_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-02c."/>
-          <link rel="depends-on" href="#sr-2_smt.c"/>
           <part id="sr-2_obj.c-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02c.[01]"/>
-            <link rel="depends-on" href="#sr-2_smt.c"/>
             <p>the supply chain risk management plan is protected from unauthorized disclosure;</p>
+            <link rel="depends-on" href="#sr-2_smt.c"/>
           </part>
           <part id="sr-2_obj.c-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-02c.[02]"/>
-            <link rel="depends-on" href="#sr-2_smt.c"/>
             <p>the supply chain risk management plan is protected from unauthorized modification.</p>
+            <link rel="depends-on" href="#sr-2_smt.c"/>
           </part>
+          <link rel="depends-on" href="#sr-2_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sr-2_smt"/>
       </part>
       <part id="sr-2_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83598,8 +83598,8 @@
         </part>
         <part id="sr-2.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-02(01)"/>
-          <link rel="depends-on" href="#sr-2.1_smt"/>
           <p>a supply chain risk management team consisting of <insert type="param" id-ref="sr-02.01_odp.01"/> is established to lead and support <insert type="param" id-ref="sr-02.01_odp.02"/>.</p>
+          <link rel="depends-on" href="#sr-2.1_smt"/>
         </part>
         <part id="sr-2.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83728,31 +83728,31 @@
       </part>
       <part id="sr-3_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-03"/>
-        <link rel="depends-on" href="#sr-3_smt"/>
         <part id="sr-3_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-03a."/>
-          <link rel="depends-on" href="#sr-3_smt.a"/>
           <part id="sr-3_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-03a.[01]"/>
-            <link rel="depends-on" href="#sr-3_smt.a"/>
             <p>a process or processes is/are established to identify and address weaknesses or deficiencies in the supply chain elements and processes of <insert type="param" id-ref="sr-03_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-3_smt.a"/>
           </part>
           <part id="sr-3_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-03a.[02]"/>
-            <link rel="depends-on" href="#sr-3_smt.a"/>
             <p>the process or processes to identify and address weaknesses or deficiencies in the supply chain elements and processes of <insert type="param" id-ref="sr-03_odp.01"/> is/are coordinated with <insert type="param" id-ref="sr-03_odp.02"/>;</p>
+            <link rel="depends-on" href="#sr-3_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sr-3_smt.a"/>
         </part>
         <part id="sr-3_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-03b."/>
-          <link rel="depends-on" href="#sr-3_smt.b"/>
           <p><insert type="param" id-ref="sr-03_odp.03"/> are employed to protect against supply chain risks to the system, system component, or system service and to limit the harm or consequences from supply chain-related events;</p>
+          <link rel="depends-on" href="#sr-3_smt.b"/>
         </part>
         <part id="sr-3_obj.c" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-03c."/>
-          <link rel="depends-on" href="#sr-3_smt.c"/>
           <p>the selected and implemented supply chain processes and controls are documented in <insert type="param" id-ref="sr-03_odp.04"/>.</p>
+          <link rel="depends-on" href="#sr-3_smt.c"/>
         </part>
+        <link rel="depends-on" href="#sr-3_smt"/>
       </part>
       <part id="sr-3_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83827,17 +83827,17 @@
         </part>
         <part id="sr-3.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-03(01)"/>
-          <link rel="depends-on" href="#sr-3.1_smt"/>
           <part id="sr-3.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-03(01)[01]"/>
-            <link rel="depends-on" href="#sr-3.1_smt"/>
             <p>a diverse set of sources is employed for <insert type="param" id-ref="sr-03.01_odp.01"/>;</p>
+            <link rel="depends-on" href="#sr-3.1_smt"/>
           </part>
           <part id="sr-3.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-03(01)[02]"/>
-            <link rel="depends-on" href="#sr-3.1_smt"/>
             <p>a diverse set of sources is employed for <insert type="param" id-ref="sr-03.01_odp.02"/>.</p>
+            <link rel="depends-on" href="#sr-3.1_smt"/>
           </part>
+          <link rel="depends-on" href="#sr-3.1_smt"/>
         </part>
         <part id="sr-3.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83898,8 +83898,8 @@
         </part>
         <part id="sr-3.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-03(02)"/>
-          <link rel="depends-on" href="#sr-3.2_smt"/>
           <p><insert type="param" id-ref="sr-03.02_odp"/> are employed to limit harm from potential adversaries identifying and targeting the organizational supply chain.</p>
+          <link rel="depends-on" href="#sr-3.2_smt"/>
         </part>
         <part id="sr-3.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -83961,8 +83961,8 @@
         </part>
         <part id="sr-3.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-03(03)"/>
-          <link rel="depends-on" href="#sr-3.3_smt"/>
           <p>the controls included in the contracts of prime contractors are also included in the contracts of subcontractors.</p>
+          <link rel="depends-on" href="#sr-3.3_smt"/>
         </part>
         <part id="sr-3.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84038,22 +84038,22 @@
       </part>
       <part id="sr-4_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-04"/>
-        <link rel="depends-on" href="#sr-4_smt"/>
         <part id="sr-4_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-04[01]"/>
-          <link rel="depends-on" href="#sr-4_smt"/>
           <p>valid provenance is documented for <insert type="param" id-ref="sr-04_odp"/>;</p>
+          <link rel="depends-on" href="#sr-4_smt"/>
         </part>
         <part id="sr-4_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-04[02]"/>
-          <link rel="depends-on" href="#sr-4_smt"/>
           <p>valid provenance is monitored for <insert type="param" id-ref="sr-04_odp"/>;</p>
+          <link rel="depends-on" href="#sr-4_smt"/>
         </part>
         <part id="sr-4_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-04[03]"/>
-          <link rel="depends-on" href="#sr-4_smt"/>
           <p>valid provenance is maintained for <insert type="param" id-ref="sr-04_odp"/>.</p>
+          <link rel="depends-on" href="#sr-4_smt"/>
         </part>
+        <link rel="depends-on" href="#sr-4_smt"/>
       </part>
       <part id="sr-4_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84118,17 +84118,17 @@
         </part>
         <part id="sr-4.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-04(01)"/>
-          <link rel="depends-on" href="#sr-4.1_smt"/>
           <part id="sr-4.1_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(01)[01]"/>
-            <link rel="depends-on" href="#sr-4.1_smt"/>
             <p>unique identification of <insert type="param" id-ref="sr-04.01_odp"/> is established;</p>
+            <link rel="depends-on" href="#sr-4.1_smt"/>
           </part>
           <part id="sr-4.1_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(01)[02]"/>
-            <link rel="depends-on" href="#sr-4.1_smt"/>
             <p>unique identification of <insert type="param" id-ref="sr-04.01_odp"/> is maintained.</p>
+            <link rel="depends-on" href="#sr-4.1_smt"/>
           </part>
+          <link rel="depends-on" href="#sr-4.1_smt"/>
         </part>
         <part id="sr-4.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84191,17 +84191,17 @@
         </part>
         <part id="sr-4.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-04(02)"/>
-          <link rel="depends-on" href="#sr-4.2_smt"/>
           <part id="sr-4.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(02)[01]"/>
-            <link rel="depends-on" href="#sr-4.2_smt"/>
             <p>the unique identification of <insert type="param" id-ref="sr-04.02_odp"/> is established for tracking through the supply chain;</p>
+            <link rel="depends-on" href="#sr-4.2_smt"/>
           </part>
           <part id="sr-4.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(02)[02]"/>
-            <link rel="depends-on" href="#sr-4.2_smt"/>
             <p>the unique identification of <insert type="param" id-ref="sr-04.02_odp"/> is maintained for tracking through the supply chain.</p>
+            <link rel="depends-on" href="#sr-4.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sr-4.2_smt"/>
         </part>
         <part id="sr-4.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84275,17 +84275,17 @@
         </part>
         <part id="sr-4.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-04(03)"/>
-          <link rel="depends-on" href="#sr-4.3_smt"/>
           <part id="sr-4.3_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(03)[01]"/>
-            <link rel="depends-on" href="#sr-4.3_smt"/>
             <p><insert type="param" id-ref="sr-04.03_odp.01"/> are employed to validate that the system or system component received is genuine;</p>
+            <link rel="depends-on" href="#sr-4.3_smt"/>
           </part>
           <part id="sr-4.3_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(03)[02]"/>
-            <link rel="depends-on" href="#sr-4.3_smt"/>
             <p><insert type="param" id-ref="sr-04.03_odp.02"/> are employed to validate that the system or system component received has not been altered.</p>
+            <link rel="depends-on" href="#sr-4.3_smt"/>
           </part>
+          <link rel="depends-on" href="#sr-4.3_smt"/>
         </part>
         <part id="sr-4.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84360,17 +84360,17 @@
         </part>
         <part id="sr-4.4_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-04(04)"/>
-          <link rel="depends-on" href="#sr-4.4_smt"/>
           <part id="sr-4.4_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(04)[01]"/>
-            <link rel="depends-on" href="#sr-4.4_smt"/>
             <p><insert type="param" id-ref="sr-04.04_odp.01"/> are employed to ensure the integrity of the system and system components;</p>
+            <link rel="depends-on" href="#sr-4.4_smt"/>
           </part>
           <part id="sr-4.4_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-04(04)[02]"/>
-            <link rel="depends-on" href="#sr-4.4_smt"/>
             <p><insert type="param" id-ref="sr-04.04_odp.02"/> is conducted to ensure the integrity of the system and system components.</p>
+            <link rel="depends-on" href="#sr-4.4_smt"/>
           </part>
+          <link rel="depends-on" href="#sr-4.4_smt"/>
         </part>
         <part id="sr-4.4_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84454,22 +84454,22 @@
       </part>
       <part id="sr-5_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-05"/>
-        <link rel="depends-on" href="#sr-5_smt"/>
         <part id="sr-5_obj-1" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-05[01]"/>
-          <link rel="depends-on" href="#sr-5_smt"/>
           <p><insert type="param" id-ref="sr-05_odp"/> are employed to protect against supply chain risks;</p>
+          <link rel="depends-on" href="#sr-5_smt"/>
         </part>
         <part id="sr-5_obj-2" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-05[02]"/>
-          <link rel="depends-on" href="#sr-5_smt"/>
           <p><insert type="param" id-ref="sr-05_odp"/> are employed to identify supply chain risks;</p>
+          <link rel="depends-on" href="#sr-5_smt"/>
         </part>
         <part id="sr-5_obj-3" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-05[03]"/>
-          <link rel="depends-on" href="#sr-5_smt"/>
           <p><insert type="param" id-ref="sr-05_odp"/> are employed to mitigate supply chain risks.</p>
+          <link rel="depends-on" href="#sr-5_smt"/>
         </part>
+        <link rel="depends-on" href="#sr-5_smt"/>
       </part>
       <part id="sr-5_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84542,8 +84542,8 @@
         </part>
         <part id="sr-5.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-05(01)"/>
-          <link rel="depends-on" href="#sr-5.1_smt"/>
           <p><insert type="param" id-ref="sr-05.01_odp.01"/> are employed to ensure an adequate supply of <insert type="param" id-ref="sr-05.01_odp.02"/>.</p>
+          <link rel="depends-on" href="#sr-5.1_smt"/>
         </part>
         <part id="sr-5.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84606,27 +84606,27 @@
         </part>
         <part id="sr-5.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-05(02)"/>
-          <link rel="depends-on" href="#sr-5.2_smt"/>
           <part id="sr-5.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-05(02)[01]"/>
-            <link rel="depends-on" href="#sr-5.2_smt"/>
             <p>the system, system component, or system service is assessed prior to selection;</p>
+            <link rel="depends-on" href="#sr-5.2_smt"/>
           </part>
           <part id="sr-5.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-05(02)[02]"/>
-            <link rel="depends-on" href="#sr-5.2_smt"/>
             <p>the system, system component, or system service is assessed prior to acceptance;</p>
+            <link rel="depends-on" href="#sr-5.2_smt"/>
           </part>
           <part id="sr-5.2_obj-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-05(02)[03]"/>
-            <link rel="depends-on" href="#sr-5.2_smt"/>
             <p>the system, system component, or system service is assessed prior to modification;</p>
+            <link rel="depends-on" href="#sr-5.2_smt"/>
           </part>
           <part id="sr-5.2_obj-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-05(02)[04]"/>
-            <link rel="depends-on" href="#sr-5.2_smt"/>
             <p>the system, system component, or system service is assessed prior to update.</p>
+            <link rel="depends-on" href="#sr-5.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sr-5.2_smt"/>
         </part>
         <part id="sr-5.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84701,8 +84701,8 @@
       </part>
       <part id="sr-6_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-06"/>
-        <link rel="depends-on" href="#sr-6_smt"/>
         <p>the supply chain-related risks associated with suppliers or contractors and the systems, system components, or system services they provide are assessed and reviewed <insert type="param" id-ref="sr-06_odp"/>.</p>
+        <link rel="depends-on" href="#sr-6_smt"/>
       </part>
       <part id="sr-6_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84772,8 +84772,8 @@
         </part>
         <part id="sr-6.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-06(01)"/>
-          <link rel="depends-on" href="#sr-6.1_smt"/>
           <p><insert type="param" id-ref="sr-06.01_odp.01"/> is/are employed on <insert type="param" id-ref="sr-06.01_odp.02"/> associated with the system, system component, or system service.</p>
+          <link rel="depends-on" href="#sr-6.1_smt"/>
         </part>
         <part id="sr-6.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84839,8 +84839,8 @@
       </part>
       <part id="sr-7_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-07"/>
-        <link rel="depends-on" href="#sr-7_smt"/>
         <p><insert type="param" id-ref="sr-07_odp"/> are employed to protect supply chain-related information for the system, system component, or system service.</p>
+        <link rel="depends-on" href="#sr-7_smt"/>
       </part>
       <part id="sr-7_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84922,8 +84922,8 @@
       </part>
       <part id="sr-8_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-08"/>
-        <link rel="depends-on" href="#sr-8_smt"/>
         <p>agreements and procedures are established with entities involved in the supply chain for the system, system components, or system service for <insert type="param" id-ref="sr-08_odp.01"/>.</p>
+        <link rel="depends-on" href="#sr-8_smt"/>
       </part>
       <part id="sr-8_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -84984,8 +84984,8 @@
       </part>
       <part id="sr-9_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-09"/>
-        <link rel="depends-on" href="#sr-9_smt"/>
         <p>a tamper protection program is implemented for the system, system component, or system service.</p>
+        <link rel="depends-on" href="#sr-9_smt"/>
       </part>
       <part id="sr-9_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -85040,8 +85040,8 @@
         </part>
         <part id="sr-9.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-09(01)"/>
-          <link rel="depends-on" href="#sr-9.1_smt"/>
           <p>anti-tamper technologies, tools, and techniques are employed throughout the system development life cycle.</p>
+          <link rel="depends-on" href="#sr-9.1_smt"/>
         </part>
         <part id="sr-9.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -85143,8 +85143,8 @@
       </part>
       <part id="sr-10_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-10"/>
-        <link rel="depends-on" href="#sr-10_smt"/>
         <p><insert type="param" id-ref="sr-10_odp.01"/> are inspected <insert type="param" id-ref="sr-10_odp.02"/> to detect tampering.</p>
+        <link rel="depends-on" href="#sr-10_smt"/>
       </part>
       <part id="sr-10_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -85235,36 +85235,36 @@
       </part>
       <part id="sr-11_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-11"/>
-        <link rel="depends-on" href="#sr-11_smt"/>
         <part id="sr-11_obj.a" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-11a."/>
-          <link rel="depends-on" href="#sr-11_smt.a"/>
           <part id="sr-11_obj.a-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-11a.[01]"/>
-            <link rel="depends-on" href="#sr-11_smt.a"/>
             <p>an anti-counterfeit policy is developed and implemented;</p>
+            <link rel="depends-on" href="#sr-11_smt.a"/>
           </part>
           <part id="sr-11_obj.a-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-11a.[02]"/>
-            <link rel="depends-on" href="#sr-11_smt.a"/>
             <p>anti-counterfeit procedures are developed and implemented;</p>
+            <link rel="depends-on" href="#sr-11_smt.a"/>
           </part>
           <part id="sr-11_obj.a-3" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-11a.[03]"/>
-            <link rel="depends-on" href="#sr-11_smt.a"/>
             <p>the anti-counterfeit procedures include the means to detect counterfeit components entering the system;</p>
+            <link rel="depends-on" href="#sr-11_smt.a"/>
           </part>
           <part id="sr-11_obj.a-4" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-11a.[04]"/>
-            <link rel="depends-on" href="#sr-11_smt.a"/>
             <p>the anti-counterfeit procedures include the means to prevent counterfeit components from entering the system;</p>
+            <link rel="depends-on" href="#sr-11_smt.a"/>
           </part>
+          <link rel="depends-on" href="#sr-11_smt.a"/>
         </part>
         <part id="sr-11_obj.b" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-11b."/>
-          <link rel="depends-on" href="#sr-11_smt.b"/>
           <p>counterfeit system components are reported to <insert type="param" id-ref="sr-11_odp.01"/>.</p>
+          <link rel="depends-on" href="#sr-11_smt.b"/>
         </part>
+        <link rel="depends-on" href="#sr-11_smt"/>
       </part>
       <part id="sr-11_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -85331,8 +85331,8 @@
         </part>
         <part id="sr-11.1_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-11(01)"/>
-          <link rel="depends-on" href="#sr-11.1_smt"/>
           <p><insert type="param" id-ref="sr-11.01_odp"/> are trained to detect counterfeit system components (including hardware, software, and firmware).</p>
+          <link rel="depends-on" href="#sr-11.1_smt"/>
         </part>
         <part id="sr-11.1_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -85397,17 +85397,17 @@
         </part>
         <part id="sr-11.2_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-11(02)"/>
-          <link rel="depends-on" href="#sr-11.2_smt"/>
           <part id="sr-11.2_obj-1" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-11(02)[01]"/>
-            <link rel="depends-on" href="#sr-11.2_smt"/>
             <p>configuration control over <insert type="param" id-ref="sr-11.02_odp"/> awaiting service or repair is maintained;</p>
+            <link rel="depends-on" href="#sr-11.2_smt"/>
           </part>
           <part id="sr-11.2_obj-2" name="assessment-objective">
             <prop name="label" class="sp800-53a" value="SR-11(02)[02]"/>
-            <link rel="depends-on" href="#sr-11.2_smt"/>
             <p>configuration control over serviced or repaired <insert type="param" id-ref="sr-11.02_odp"/> awaiting return to service is maintained.</p>
+            <link rel="depends-on" href="#sr-11.2_smt"/>
           </part>
+          <link rel="depends-on" href="#sr-11.2_smt"/>
         </part>
         <part id="sr-11.2_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -85467,8 +85467,8 @@
         </part>
         <part id="sr-11.3_obj" name="assessment-objective">
           <prop name="label" class="sp800-53a" value="SR-11(03)"/>
-          <link rel="depends-on" href="#sr-11.3_smt"/>
           <p>scanning for counterfeit system components is conducted <insert type="param" id-ref="sr-11.03_odp"/>.</p>
+          <link rel="depends-on" href="#sr-11.3_smt"/>
         </part>
         <part id="sr-11.3_asm-examine" name="assessment-method">
           <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
@@ -85541,8 +85541,8 @@
       </part>
       <part id="sr-12_obj" name="assessment-objective">
         <prop name="label" class="sp800-53a" value="SR-12"/>
-        <link rel="depends-on" href="#sr-12_smt"/>
         <p><insert type="param" id-ref="sr-12_odp.01"/> are disposed of using <insert type="param" id-ref="sr-12_odp.02"/>.</p>
+        <link rel="depends-on" href="#sr-12_smt"/>
       </part>
       <part id="sr-12_asm-examine" name="assessment-method">
         <prop name="method" ns="http://csrc.nist.gov/ns/rmf" value="EXAMINE"/>
diff --git a/src/nist.gov/SP800-53/rev5/xml/oscal-objectives-enhance.xsl b/src/nist.gov/SP800-53/rev5/xml/oscal-objectives-enhance.xsl
index 2546d00f..413c496a 100644
--- a/src/nist.gov/SP800-53/rev5/xml/oscal-objectives-enhance.xsl
+++ b/src/nist.gov/SP800-53/rev5/xml/oscal-objectives-enhance.xsl
@@ -98,19 +98,35 @@
     
     -->
     <!-- Each part[@name='assessment-objective'] has a single label -->
-    <xsl:template match="part[@name='assessment-objective']/prop[@name='label']">
-        <xsl:next-match/>
-        <xsl:copy-of select="preceding-sibling::text()[1]"/>
-        
-        <xsl:variable name="parent-key" select="o:reduce-label(parent::part)"/>
-        <xsl:variable name="statement-item" select="key('item-by-label',$parent-key)"/>
-        
-        <!--<xsl:message expand-text="true">on { parent::part/@name } #{ @value } the reduced label is '{ $parent-key }' linking to '{ $statement-item/@id => string-join(', ') }' ({ count($statement-item) })</xsl:message>-->
-        <link rel="depends-on" href="#{ $statement-item/@id }"></link>
-        <xsl:if test="empty($statement-item)">
-            <xsl:message expand-text="true">No link made for part '{ @value }'</xsl:message>
+    <xsl:template match="part[@name='assessment-objective']/link"/>
+
+    <xsl:template match="part[@name='assessment-objective']/text()[not(matches(.,'\S'))]">
+        <xsl:if test="empty(following-sibling::*[1]/self::link)">
+            <xsl:next-match/>
         </xsl:if>
     </xsl:template>
+    
 
+    <xsl:template match="part[@name='assessment-objective']">
+        <xsl:copy>
+            <xsl:copy-of select="@*"/>
+            <xsl:apply-templates/>
+            
 
+            <xsl:variable name="part-key" select="o:reduce-label(.)"/>
+            <xsl:variable name="statement-item" select="key('item-by-label',$part-key)"/>
+            
+            <xsl:text>  </xsl:text>
+            <link rel="depends-on" href="#{ $statement-item/@id }"></link>
+            
+            <xsl:if test="empty($statement-item)">
+                <xsl:message expand-text="true">No link made for part '{ o:label(.) }'</xsl:message>
+            </xsl:if>
+            <xsl:copy-of select="text()[last()]"></xsl:copy-of>
+        </xsl:copy>
+        
+        
+    </xsl:template>
+    
+    
 </xsl:stylesheet>
\ No newline at end of file