System Security Plan (ssp) Categorization: Moderate-Low-Low


Facility/System Layout Insert diagram or include as an attachment. 6.3Personnel Authorizations



Yüklə 1,92 Mb.
səhifə4/29
tarix16.05.2018
ölçüsü1,92 Mb.
#50588
1   2   3   4   5   6   7   8   9   ...   29

6.2Facility/System Layout


Insert diagram or include as an attachment.

6.3Personnel Authorizations


NIST 800-53, Rev. 4/DAA PM Reference:

AC-2

Minimum Clearance

Minimum Access

Citizenship

Foreign National

 Top Secret

 Secret


 SAP

 SCI


 Both




 Yes

 No

6.4System Classification Level(s) & Compartment(s)


Classification

Caveats

Compartments

 Secret

 Top Secret




 None

 NATO


 RD











6.5Unique Data Handling Requirements


Instruction (DELETE IN FINAL DOCUMENT): Identify any unique handling requirements, e.g. NATO, NOFORN, NOCONTR, etc.>

Identify handling requirements/caveats.


6.6Information Access Policies


NIST 800-53, Rev. 4/DAA PM Reference:

AC-2, 3

Instruction (DELETE IN FINAL DOCUMENT): Insert or reference organizational or system-specific user access policies relevant to information types maintained on the information system. If appropriate, policies may be included in or placed in an appendix to the SSP. Access controls will be enforced or adjudicated through technical means to protect the information types (e.g. DAC/MAC).

Insert any additional organizational or system-specific user access policies.

7General System Description/Purpose

7.1System Description


Instruction (DELETE IN FINAL DOCUMENT): Provide a summary description of the system, its purpose and function; include high level description of the data flow, interconnected systems, operating system(s), key components, perimeter, information system boundary, and user(s). Ensure appropriate classification guidance is provided.

NIST 800-53, Rev. 4/DAA PM Reference:

PL-2

Enter System Description.

7.2System Architecture


Instruction (DELETE IN FINAL DOCUMENT): Describe the system architecture. As needed, show the architecture within the authorization boundary (e.g. servers, workstations, printers, etc.) in diagram form and place it in Appendix A. Either reference the location of the hardware and software lists or insert in Appendices B and C.

Describe System Architecture.


7.3Functional Architecture


Instruction (DELETE IN FINAL DOCUMENT): Describe or provide a diagram of the functional architecture of the system, e.g. Data Flow.

Describe functional architecture; e.g., data flow. Insert diagram if appropriate.


7.4User Roles and Access Privileges


Instruction (DELETE IN FINAL DOCUMENT): List roles and privileges (e.g. Privileged User, General User, Database Administrator, and Data Transfer Agent).

Role

Name

Authorized Privileges and Functions Performed

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.



8Interconnections

8.1Direct Network Connections


**NOTE: Direct network connections with external organizations, whether internal or external to the facility must be addressed in an MOU/MOA and/or ISA. Indicate in Section 5.3.

NIST 800-53, Rev. 4/DAA PM Reference:

PL-2, AC-17, CA-3

 This system does not connect to any other system.

This system connects to following system(s):

SYSTEM NAME

ORGANIZATION

CLASSIFICATION/ COMPARTMENTS

ATO ISSUED BY

DATE OF ATO

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Click here to enter text.

Yüklə 1,92 Mb.

Dostları ilə paylaş:
1   2   3   4   5   6   7   8   9   ...   29




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©muhaz.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin