Fedramp system Security Plan (ssp) High Baseline Template


SI-4 Additional FedRAMP Requirements and Guidance



Download 1.2 Mb.
Page437/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   433   434   435   436   437   438   439   440   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
SI-4 Additional FedRAMP Requirements and Guidance:

Guidance: See US-CERT Incident Response Reporting Guidelines.

SI-4

Control Summary Information

Responsible Role:

Parameter SI-4(a)(1):

Parameter SI-4(b):

Parameter SI-4(g)-1:

Parameter SI-4(g)-2:

Parameter SI-4(g)-3:

Implementation Status (check all that apply):

Implemented

Partially implemented

☐ Planned

Alternative implementation

Not applicable



Control Origination (check all that apply):

Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SI-4 What is the solution and how is it implemented?

Part a




Part b




Part c




Part d




Part e




Part f




Part g





SI-4 (1) Control Enhancement (M) (H)


The organization connects and configures individual intrusion detection tools into an information system-wide intrusion detection system.

SI-4 (1)

Control Summary Information

Responsible Role:

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SI-4 (1) What is the solution and how is it implemented?





SI-4 (2) Control Enhancement (M) (H)


The organization employs automated tools to support near real-time analysis of events.

SI-4 (2)

Control Summary Information

Responsible Role:

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SI-4 (2) What is the solution and how is it implemented?





SI-4 (4) Control Enhancement (M) (H)


The information system monitors inbound and outbound communications traffic [FedRAMP Assignment: continuously] for unusual or unauthorized activities or conditions.

SI-4 (4)

Control Summary Information

Responsible Role:

Parameter SI-4(4):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable



Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





SI-4 (4) What is the solution and how is it implemented?






Download 1.2 Mb.

Share with your friends:
1   ...   433   434   435   436   437   438   439   440   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page