Fedramp system Security Plan (ssp) High Baseline Template


Control Summary Information



Download 1.2 Mb.
Page283/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   279   280   281   282   283   284   285   286   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
Control Summary Information

Responsible Role:

Parameter MA-1(a):

Parameter MA-1(b)(1):

Parameter MA-1(b)(2):

Implementation Status (check all that apply):

Implemented

☐ Partially implemented

☐ Planned

Alternative implementation

Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)





MA-1 What is the solution and how is it implemented?

Part a




Part b





MA-2 Controlled Maintenance (L) (M) (H)


The organization:

  1. Schedules, performs, documents, and reviews records of maintenance and repairs on information system components in accordance with manufacturer or vendor specifications and/or organizational requirements;

  2. Approves and monitors all maintenance activities, whether performed on site or remotely and whether the equipment is serviced on site or removed to another location;

  3. Requires that [Assignment: organization-defined personnel or roles] explicitly approve the removal of the information system or system components from organizational facilities for off-site maintenance or repairs;

  4. Sanitizes equipment to remove all information from associated media prior to removal from organizational facilities for off-site maintenance or repairs;

  5. Checks all potentially impacted security controls to verify that the controls are still functioning properly following maintenance or repair actions; and

  6. Includes [Assignment: organization-defined maintenance-related information] in organizational maintenance records.



MA-2

Control Summary Information

Responsible Role:

Parameter MA-2(c):

Parameter MA-2(f):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





MA-2 What is the solution and how is it implemented?

Part a




Part b




Part c




Part d




Part e




Part f






Download 1.2 Mb.

Share with your friends:
1   ...   279   280   281   282   283   284   285   286   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page