Documents Flashcards
1
Q
SSP
A
System Security Plan
Bible of system
Provides purpose of system
Impact level and types of controls needed to be implemented
2
Q
SAP
A
Security Assessment Plan
Provides purpose of Assessment
Purpose of system
Roles and responsibilities
Deadlines
Types of controls
Previous poam
Rbd (risk based decision)
3
Q
SAR
A
Security Assessment Report
Purpose of Assessment/system
Methodology of Assessment
Controls that failed and recommendations
Previous poams (open/closed)
Rbd
