Fedramp system Security Plan (ssp) High Baseline Template


Control Summary Information



Download 1.2 Mb.
Page283/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   279   280   281   282   283   284   285   286   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
Control Summary Information

Responsible Role:

Parameter MA-1(a):

Parameter MA-1(b)(1):

Parameter MA-1(b)(2):

Implementation Status (check all that apply):

Implemented

☐ Partially implemented

☐ Planned

Alternative implementation

Not applicable

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)





MA-1 What is the solution and how is it implemented?

Part a




Part b





MA-2 Controlled Maintenance (L) (M) (H)


The organization:

  1. Schedules, performs, documents, and reviews records of maintenance and repairs on information system components in accordance with manufacturer or vendor specifications and/or organizational requirements;

  2. Approves and monitors all maintenance activities, whether performed on site or remotely and whether the equipment is serviced on site or removed to another location;

  3. Requires that [Assignment: organization-defined personnel or roles] explicitly approve the removal of the information system or system components from organizational facilities for off-site maintenance or repairs;

  4. Sanitizes equipment to remove all information from associated media prior to removal from organizational facilities for off-site maintenance or repairs;

  5. Checks all potentially impacted security controls to verify that the controls are still functioning properly following maintenance or repair actions; and

  6. Includes [Assignment: organization-defined maintenance-related information] in organizational maintenance records.



MA-2

Control Summary Information

Responsible Role:

Parameter MA-2(c):

Parameter MA-2(f):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





MA-2 What is the solution and how is it implemented?

Part a




Part b




Part c




Part d




Part e




Part f






Download 1.2 Mb.

Share with your friends:
1   ...   279   280   281   282   283   284   285   286   ...   478



The database is protected by copyright ©ininet.org 2024
send message

    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy