Nist Sp 800 171 System Security Plan Template

The completion of system security plans is a requirement of the office of management and budget omb circular a.

Nist sp 800 171 system security plan template.

Documentation supplemental material cui ssp template. This guidance was developed to facilitate the consistent review of how the system security plan and associated plans of action address the nist sp 800 171 security requirements and the impact that the not yet implemented nist sp 800 171 security requirements have on an information system. However organizations ensure that the required information in sp 800 171 requirement 3 12 4 is conveyed in those plans. Documentation supplemental material cui ssp template.

The ssp toolkit also comes with a poam and waiver document that are required to document corrective action plans and capture deviations from nist sp 800 171 rev. The controls selected or planned must be documented in a system security plan. Nist computer security resource center csrc. In december of 2016 when nist released the first revision of nist sp 800 171 they included information about what was supposed to be done with all of the plans and procedures that were created to secure your facility.

Nist sp 800 53 contains the management operational and technical safeguards or countermeasures prescribed for an information system. The objective of system security planning is to improve protection of information system resources. Recommended security controls for federal information systems. There is no prescribed format or specified level of detail for system security plans.

The protection of a system must be documented in a system security plan. The nist sp 800 171 system security plan ssp template is a comprehensive document that provides an overview of nist sp 800 171 rev. 2 and will be withdrawn in one year on february 21 2021. The guidance is designed to help the program.

1 has been superseded by sp 800 171 rev. Documentation supplemental material cui ssp template. 1 06 07 2018 planning note 2 21 2020. This is a nist 800 171 system security plan ssp template which is a comprehensive document that provides an overview of nist sp 800 171 rev.

All federal systems have some level of sensitivity and require protection as part of good management practice. There is no prescribed format or specified level of detail for system security plans. 1 system security requirements and describes controls in place or planned to meet those requirements. However organizations ensure that the required information in sp 800 171 requirement 3 12 4 is conveyed in those plans.

There is no prescribed format or specified level of detail for system security plans.