In this assignment, students will learn to integrate course topics into an actionable security plan. Use your organization's current system security (if this is not available find one on the Internet)

CYB-525 System Security Plan (SSP) Template

System Security Plan For: {System Name}

Version:

Date:

Prepared By:

System Identification

System Name/Title

Responsible Organization

Information Contact(S)

Assignment of Security Responsibility

System Operational Status

General Description/Purpose

System Environment

System Interconnection/Information Sharing

Laws, Regulations, and Policies Affecting the System

Sensitivity of Information Handled

General Description of Sensitivity

Management Controls

Risk Assessment and Management

Review of Security Controls

Rules of Behavior

Planning for Security in the Life Cycle

Initiation Phase

Development/Acquisition Phase

Implementation Phase

Operation/Maintenance Phase

Disposal Phase

Authorized Processing

Operational Controls

Personnel Security

Physical and Environmental Protection

Production, Input/Output Controls

Contingency Planning

Maintenance Controls

Data Integrity/Validation Controls

Documentation

Security Awareness and Training

Incident Response Capability

Technical Controls

Identification and Authentication

Authorization/Access Controls

Public Access Controls

Audit Trails

© 2018. Grand Canyon University. All Rights Reserved.