Test 2015-01-15-1052 ([project acronym not provided]) [project id not provided] System Security Plan
Yüklə 1,74 Mb.
|
- Bu səhifədəki naviqasiya:
- Responsible Organization/Personnel and Contact Information
- System Operational Status
- System Operation (Government or Contractor Operation)
- General Description/Mission
- Subsystems/Minor Applications
- Hardware/Virtual Machines/Software/Firmware Description
Information CategorizationThis section summarizes the [project acronym not provided] information security categorization levels as determined by the FIPS 199 Information Security Categorization. The [project acronym not provided] security impact levels for each of the three security objectives of confidentiality, integrity, and availability are identified in Table 1-2. Table 1.0 Security Categorization
Table 1.0 System Designations
Table 1.0 Information Types
The following DHS Component/Personnel are identified as the parties responsible for the system development of Test_2015-01-15-1052, its software maintenance and patch management. Also identified are the roles of system owner, technical information point-of-contact, authorizing official, security control assessor, CISO/ISSM, ISSO and any other role that has a significant responsibility to ensure the system is appropriately secure. It is the functional proponent or advocate for the information system and the activity responsible for identifying the funding for system development, deployment, and maintenance throughout the system's life cycle. Table 1-5. Responsibility/Accountability Matrix
The information system is in the following life cycle status:
The information system has the following authorization status:
{Identify who owns the system and who operates the system. The values are Government Owned Government Operated (GOGO), Government Owned Commercially Operated (GOCO), Commercially Owned Government Operated (COGO), or Commercially Owned Commercially Operated (COCO).}
The following section provides an overview of the [project acronym not provided], and identifies the system’s mission, capabilities, users, and information data flow. It also describes the hardware, software and firmware implemented in support of [project acronym not provided]. {This section should include a description, in text, detailing the external boundary of the information system. The description should address applicable environments other than the primary production environment (i.e., maintenance, testing/development or backup environments). Where required the description should detail lines of responsibility demarcation that exist for any controls inherited from other information systems.}
There are no project personnel roles assigned to your system.
The following architectural drawings of Test_2015-01-15-1052 provide a visual depiction of the major system hardware elements that constitute Test_2015-01-15-1052.
The following table(s) identifies the major applications supported by the information system. Table 1-6. Major Application Supported by Test_2015-01-15-1052
The following table(s) identify the subsystems/Minor Applications for Test_2015-01-15-1052. Table 1-7. Test_2015-01-15-1052 Subsystems/Minor Applications
There is no hardware associated with the project. There is no software in the project.
{This section should address the types of encryption solutions deployed for the information system.} Table 1-6. PKI Certificates
{Identify any encryption devices used in the system architecture. These should be identified in the system architecture diagram included in section 1.4.5, and described in the following table:} Table 1-10. Encryption Devices
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||