Fedramp system Security Plan (ssp) High Baseline Template


Control Summary Information



Download 1.2 Mb.
Page299/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   295   296   297   298   299   300   301   302   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
Control Summary Information

Responsible Role:

Parameter MP-4(a)-1:

Parameter MP-4(a)-2:

Implementation Status (check all that apply):

Implemented

☐ Partially implemented

☐ Planned

Alternative implementation

Not applicable

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





MP-4 What is the solution and how is it implemented?

Part a




Part b





MP-5 Media Transport (M) (H)


The organization:

  1. Protects and controls [FedRAMP Assignment: all media with sensitive information] during transport outside of controlled areas using [FedRAMP Assignment: for digital media, encryption using a FIPS 140-2 validated encryption module; for non-digital media, secured in locked container];

MP-5a Additional FedRAMP Requirements and Guidance:

Requirement: The service provider defines security measures to protect digital and non-digital media in transport. The security measures are approved and accepted by the JAB/AO.

  1. Maintains accountability for information system media during transport outside of controlled areas;

  2. Documents activities associated with the transport of information system media; and

  3. Restricts the activities associated with transport of information system media to authorized personnel.



MP-5

Control Summary Information

Responsible Role:

Parameter MP-5(a)-1:

Parameter MP-5(a)-2:

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





MP-5 What is the solution and how is it implemented?

Part a




Part b




Part c




Part d






Download 1.2 Mb.

Share with your friends:
1   ...   295   296   297   298   299   300   301   302   ...   478



The database is protected by copyright ©ininet.org 2024
send message

    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy