Fedramp system Security Plan (ssp) High Baseline Template

Control Summary Information

1 ... 382 383 384 385 386 387 388 389 ... 478

Control Summary Information

Responsible Role:

Implementation Status (check all that apply):

☐ Partially implemented

☐ Planned

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

SA-17 What is the solution and how is it implemented?
Part a
Part b
Part c

The organization:

Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]:

A system and communications protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
Procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls; and

System and communications protection policy [FedRAMP Assignment: at least annually]; and
System and communications protection procedures [FedRAMP Assignment: at least annually or whenever a significant change occurs].

SC-1	Control Summary Information
Responsible Role:
Parameter SC-1(a):
Parameter SC-1(b)(1):
Parameter SC-1(b)(2):
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific)

SC-1 What is the solution and how is it implemented?
Part a
Part b

Share with your friends: