Fedramp system Security Plan (ssp) High Baseline Template

SA-4 What is the solution and how is it implemented?

Download 1.2 Mb.

Page	362/478
Date	16.12.2020
Size	1.2 Mb.
	#54609

1 ... 358 359 360 361 362 363 364 365 ... 478

FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

SA-4 (1) Control Enhancement (M) (H)
SA-4 (2) Control Enhancement (H)

SA-4 What is the solution and how is it implemented?

Part a
Part b
Part c
Part d
Part e
Part f
Part g

SA-4 (1) Control Enhancement (M) (H)

The organization requires the developer of the information system, system component, or information system service to provide a description of the functional properties of the security controls to be employed.

SA-4 (1)	Control Summary Information
Responsible Role:
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

SA-4 (1) What is the solution and how is it implemented?

SA-4 (2) Control Enhancement (H)

The organization requires the developer of the information system, system component, or information system service to provide design and implementation information for the security controls to be employed that includes: [FedRAMP Selection (one or more): at a minimum to include security-relevant external system interfaces; high-level design; low-level design; source code or network and data flow diagram; [organization-defined design/implementation information]]at [Assignment: organization-defined level of detail].

SA-4 (2)	Control Summary Information
Responsible Role:
Parameter SA-4-1:
Parameter SA-4-2:
Parameter SA-4-3:
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

SA-4 (2) What is the solution and how is it implemented?

Download 1.2 Mb.

Share with your friends: