Abstract

The System Security Plan is the most important document in the Security Package. IT sums up the system description, system boundary, architecture, and security control in one document. All systems that are general support systems or major applications must have a System Security Plan. When describing system boundaries, keep in mind that your description should be inclusive of and should discuss the systems you described in your Hardware and Software Inventory. The system delineated by the boundary definition should be consistent with what comes under the purview of the system owner. In the System Security Plan, you describe how all security controls are implemented.