Fedramp system Security Plan (ssp) High Baseline Template

SI-4 Additional FedRAMP Requirements and Guidance

Download 1.2 Mb.

Page	437/478
Date	16.12.2020
Size	1.2 Mb.
	#54609

1 ... 433 434 435 436 437 438 439 440 ... 478

FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

SI-4 Additional FedRAMP Requirements and Guidance:

Guidance: See US-CERT Incident Response Reporting Guidelines.

SI-4	Control Summary Information
Responsible Role:
Parameter SI-4(a)(1):
Parameter SI-4(b):
Parameter SI-4(g)-1:
Parameter SI-4(g)-2:
Parameter SI-4(g)-3:
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

SI-4 What is the solution and how is it implemented?
Part a
Part b
Part c
Part d
Part e
Part f
Part g

SI-4 (1) Control Enhancement (M) (H)

The organization connects and configures individual intrusion detection tools into an information system-wide intrusion detection system.

SI-4 (1)	Control Summary Information
Responsible Role:
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

SI-4 (1) What is the solution and how is it implemented?

SI-4 (2) Control Enhancement (M) (H)

The organization employs automated tools to support near real-time analysis of events.

SI-4 (2)	Control Summary Information
Responsible Role:
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

SI-4 (2) What is the solution and how is it implemented?

SI-4 (4) Control Enhancement (M) (H)

The information system monitors inbound and outbound communications traffic [FedRAMP Assignment: continuously] for unusual or unauthorized activities or conditions.

SI-4 (4)	Control Summary Information
Responsible Role:
Parameter SI-4(4):
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

SI-4 (4) What is the solution and how is it implemented?

Download 1.2 Mb.

Share with your friends:

1 ... 433 434 435 436 437 438 439 440 ... 478