The following sample system security plan outline is based on guidance contained in National Institute of Standards and Technology Special Publication 800-18.
Assignment of security
Principal system components
System interconnection/information sharing
Applicable laws or regulations affecting the system
General description of information sensitivity
System risks (summarized from risk assessment)