Fedramp system Security Plan (ssp) High Baseline Template


Control Summary Information



Download 1.2 Mb.
Page429/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   425   426   427   428   429   430   431   432   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
Control Summary Information

Responsible Role:

Parameter SI-1(a):

Parameter SI-1(b)(1):

Parameter SI-1(b)(2):

Implementation Status (check all that apply):

Implemented

Partially implemented

☐ Planned

Alternative implementation

Not applicable



Control Origination (check all that apply):

Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)





SI-1 What is the solution and how is it implemented?

Part a




Part b





SI-2 Flaw Remediation (L) (M) (H)


The organization:

  1. Identifies, reports, and corrects information system flaws;

  2. Tests software and firmware updates related to flaw remediation for effectiveness and potential side effects before installation;

  3. Installs security-relevant software and firmware updates within [FedRAMP Assignment: thirty 30 days of release of updates] of the release of the updates; and

  4. Incorporates flaw remediation into the organizational configuration management process.



SI-2

Control Summary Information

Responsible Role:

Parameter SI-2(c):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SI-2 What is the solution and how is it implemented?

Part a




Part b




Part c




Part d





SI-2 (1) Control Enhancement (H)


The organization centrally manages the flaw remediation process.

SI-2 (1)

Control Summary Information

Responsible Role:

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SI-2 (1) What is the solution and how is it implemented?






Download 1.2 Mb.

Share with your friends:
1   ...   425   426   427   428   429   430   431   432   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page