System Security Plan Template

The Objective Of System Security Planning Is To Improve Protection Of Information System Resources.

The nist computer security resource center provides resources and templates for developing security plans to protect controlled unclassified information (cui) in nonfederal systems. The system security plan describes the controls in place, or planned for implementation, to provide a level of security appropriate for the information to be transmitted, processed, or stored by a system. All federal systems have some level of sensitivity and require protection as part of good management practice. More information about ssps can be found on the nist website.

This Includes All The System’s Hardware, Software, Relevant Personnel, Etc.

Use this downloadable ssp template to develop an ssp for your organization. System security plan (ssp) template instructions. 1 system security requirements and describes controls in place or planned to meet those requirements. Develop, document, and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems.

• Appendix B Provides A Glossary Of Terms And Definitions.

• appendix a provides a system security plan template. This template contains boiler plate language. Each template must be customized to specifically address the system. • appendix c includes references that support this publication.

It Can Be Used For Both Public And Private Sector Systems And Applications, And It Provides A Baseline For Developing An Ssp.

Enter data to the right of the colon symbol. Specific system data shall be entered in the template when a colon symbol is indicated. The system security plan (ssp) documents controls that are implemented and tested to provide protection from threats and vulnerabilities identified during the planning and review process.