Fedramp system Security Plan (ssp) High Baseline Template


Control Summary Information



Download 1.2 Mb.
Page339/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   335   336   337   338   339   340   341   342   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
Control Summary Information

Responsible Role:

Parameter PS-1(a):

Parameter PS-1(b)(1):

Parameter PS-1(b)(2):

Implementation Status (check all that apply):

Implemented

Partially implemented

☐ Planned

Alternative implementation

Not applicable



Control Origination (check all that apply):

Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)





PS-1 What is the solution and how is it implemented?

Part a




Part b





PS-2 Position Categorization (H)


The organization:

  1. Assigns a risk designation to all positions;

  2. Establishes screening criteria for individuals filling those positions; and

  3. Reviews and revises position risk designations [FedRAMP Assignment: at least annually].



PS-2

Control Summary Information

Responsible Role:

Parameter PS-2(c):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





PS-2 What is the solution and how is it implemented?

Part a




Part b




Part c





PS-3 Personnel Screening (L) (M) (H)


The organization:

  1. Screens individuals prior to authorizing access to the information system; and

  2. Rescreens individuals according to [FedRAMP Assignment: For national security clearances; a reinvestigation is required during the fifth (5th) year for top secret security clearance, the tenth (10th) year for secret security clearance, and fifteenth (15th) year for confidential security clearance. For moderate risk law enforcement and high impact public trust level, a reinvestigation is required during the fifth (5th) year. There is no reinvestigation for other moderate risk positions or any low risk positions].



PS-3

Control Summary Information

Responsible Role:

Parameter PS-3(b):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





PS-3 What is the solution and how is it implemented?

Part a




Part b






Download 1.2 Mb.

Share with your friends:
1   ...   335   336   337   338   339   340   341   342   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page