X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 100 / 158

460 views

0 shares

0 downloads

0 comments

100 / 158

U.S. Department of Health and Human Services

The Security Plan (SP) for each system includes:

Appropriate security controls

An indication of low, moderate, or high level of security

Essential information necessary for the Authorizing Official  to grant an authorization to operate

Stakeholder assistance in managing and identifying risk to systems

The SP should be created during the development phase of the EPLC. Once it is created, it should be reviewed and updated or verified at least annually. If the system has changed (system environment, software, hardware, user groups), the SSP should be documented as soon as the change is made. If no changes have occurred, the document should still be reviewed and verified.

Page 1 of 9

System Security Documentation

Security Plan

Document info
Document views460
Page views460
Page last viewedSat Dec 10 12:59:33 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments