Recommendation: To better ensure the security of the overall BSA environment, the Secretary of the Treasury should direct the Director of FinCEN to fully implement its information security program by ensuring that system security plans document all required controls and describe how all required controls are implemented.
We expect to complete a National Transportation System Security Plan as an overarching vision of where we need to be--how we're going to get our arms wrapped around this enormous transportation security challenge.
They range from an example of a transit security survey and a listing of various transit/travel laws in major districts to a recent system security plan and program supported by a budget program identifying direct and indirect security costs.
With minimal data input and no application configuration requirements, Xacta FISMA Accelerator speeds an agency's FISMA compliance efforts by using system definition inputs and responses to an easy-to-understand NIST SP 800-26 survey to compile the completed self-assessment results, risk assessment, system security plan, and plan of action and milestones (POA&M).
Categories: Information Management, Command and control systems, Computer systems, Critical infrastructure, Cyber security, Energy, Evaluation criteria, Homeland security, Information infrastructure, Information security, Information technology, Public health, Risk assessment, Risk management, Strategic planning, System security plans, Transportation, National Infrastructure Protection Plan
DST and NCI will provide C&A activities including the development of system security plans, risk assessments, contingency plans, and other documentation that describes security controls and their implementation; the planning and execution of certification testing that validates the effectiveness of security controls; and associated accreditation documentation that describes residual risks, provides remediation strategies, and supports an accreditation decision.