Fedramp system Security Plan (ssp) High Baseline Template


SA-4 What is the solution and how is it implemented?



Download 1.2 Mb.
Page362/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   358   359   360   361   362   363   364   365   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
SA-4 What is the solution and how is it implemented?

Part a




Part b




Part c




Part d




Part e




Part f




Part g





SA-4 (1) Control Enhancement (M) (H)


The organization requires the developer of the information system, system component, or information system service to provide a description of the functional properties of the security controls to be employed.

SA-4 (1)

Control Summary Information

Responsible Role:

Implementation Status (check all that apply):

Implemented

☐ Partially implemented

☐ Planned

Alternative implementation

Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SA-4 (1) What is the solution and how is it implemented?





SA-4 (2) Control Enhancement (H)


The organization requires the developer of the information system, system component, or information system service to provide design and implementation information for the security controls to be employed that includes: [FedRAMP Selection (one or more): at a minimum to include security-relevant external system interfaces; high-level design; low-level design; source code or network and data flow diagram; [organization-defined design/implementation information]]at [Assignment: organization-defined level of detail].

SA-4 (2)

Control Summary Information

Responsible Role:

Parameter SA-4-1:

Parameter SA-4-2:

Parameter SA-4-3:

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SA-4 (2) What is the solution and how is it implemented?






Download 1.2 Mb.

Share with your friends:
1   ...   358   359   360   361   362   363   364   365   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page