Fedramp system Security Plan (ssp) High Baseline Template



Download 1.2 Mb.
Page346/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   342   343   344   345   346   347   348   349   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

RA-3 Risk Assessment (H)


The organization:

  1. Conducts an assessment of risk, including the likelihood and magnitude of harm, from the unauthorized access, use, disclosure, disruption, modification, or destruction of the information system and the information it processes, stores, or transmits;

  2. Documents risk assessment results in [Selection: security plan; risk assessment report; [FedRAMP Assignment: security assessment report]];

  3. Reviews risk assessment results [FedRAMP Assignment: in accordance with OMB A-130 requirements or when a significant change occurs];

  4. Disseminates risk assessment results to [Assignment: organization-defined personnel or roles]; and

  5. Updates the risk assessment [FedRAMP Assignment: in accordance with OMB A-130 requirements or when a significant change occurs]; or whenever there are significant changes to the information system or environment of operation (including the identification of new threats and vulnerabilities), or other conditions that may impact the security state of the system.


Download 1.2 Mb.

Share with your friends:
1   ...   342   343   344   345   346   347   348   349   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page