Official (ISC)2 Guide to the CAP CBK, 2nd Edition by Patrick D. Howard

Appendix K: Sample System Security Plan Outline

The following sample system security plan outline is based on guidance contained in National Institute of Standards and Technology Special Publication 800-18.

Security Plan Outline

System Identification

System name

Responsible organization

Information contact(s)

Assignment of security

Operational status

General description/purpose

System environment

Technical description

Principal system components

Security software

System interconnection/information sharing

Applicable laws or regulations affecting the system

General description of information sensitivity

Confidentiality

Integrity

Availability

System risks (summarized from risk assessment)

System Controls

Management controls

Risk assessment

Planning ...
