System Security Plan (SSP) template vs System Security and Privacy Plan (SSPP) template.
Yes, there is a difference between the System Security Plan (SSP) template versus the System Security and Privacy Plan (SSPP) template. The System Security and Privacy Plan (SSPP) differs from a traditional System Security Plan (SSP) in that it includes all requirements for all Privacy Control Baselines as put forth in NIST SP 800-53, Revision 5.
Per NIST, "When a system processes PII, the information security and privacy programs have a shared responsibility to manage the impacts to individuals that arise from security risks and collaborate to determine the security categorization and the selection and tailoring of controls from the security control baselines."
Visit the Arlington Security Portal (ASP) today and get access to the following SSP and SSPP templates:
100 + NIST 800-53 Templates Available for Download for Federal Contractors
The solution for federal contractors is the Arlington Security Portal (ASP), an online repository of world-class, industry leading security and privacy policies & procedures, programs, plans – and other highly essential documents & templates developed specifically on NIST SP 800-53, Revision 5.
From Beginning to End, Complete Project Management for NIST RMF
With Arlington, we can manage your entire NIST RMF A&A process from beginning to end (i.e., from the initial scoping & gap assessment to post-Authorization to Operate (ATO) activities), providing essential services for getting you to the finish line in terms of your ATO. Core services and solutions offered include the following:
Scoping & Gap (i.e., Readiness) Assessments
Remediation Services (Policy and Procedures writing)
Remediation Services (Technical and Operational)
System Security Plan (SSP) Development
Security Assessment Reports (SAR)
Continuous Monitoring (ConMon) Services
We are Arlington, a team of innovative, solution-oriented, highly agile, and well-versed professionals with decades of experience in working with America’s defense industry. From emerging cybersecurity regulations to helping our clients solve complex security & compliance solutions – and so much more – you can trust Arlington, the firm that’s Dedicated to Defense®. Learn more at arlingtonintel.com.