Menu
0
    0

    Your Cart is Empty

    View NIST RMF Control Families
  • NIST: Col 1
  • NIST: Col 2
  • NIST: Col 3

  • Add description, images, menus and links to your mega menu

    A column with no settings can be used as a spacer

    Link to your collections, sales and even external links

    Add up to five columns

  • Add description, images, menus and links to your mega menu

  • A column with no settings can be used as a spacer

  • Link to your collections, sales and even external links

  • Add up to five columns

  • Previous | Next
    Home / Program Management / Privacy Program Plan (PM-18)
    Privacy Program Plan (PM-18)

    Privacy Program Plan (PM-18)

    $154.99
    Download Sample Policies (PDF)

    Have Questions?
    Talk to an ASP Expert at 703-591-3466

    Description: In-depth, comprehensive, professionally developed Privacy Program Plan (PPP) that includes documentation on all essential subject matter relating to addressing organizational-wide privacy risks for information (i.e., PII, PHI, CUI, etc.) being collected, used, shared & disclosed, stored, protected, retained, and disposed of as required by PM-18 of NIST SP 800-53, Revision 5. Note: It is highly recommended to purchase the additional supporting documents within the Program Management (PM) family to allow for complete coverage of all controls within PM-1 to PM-32.

    The Privacy Program Plan includes the following sections:

    • Privacy Program Plan Overview
    • Privacy Program Foundational Principles
      • Privacy by Design Requirement
      • Fair Information Practice Principles
    • Privacy Roles and Responsibilities
    • Privacy Laws, Rules, Regulations, and Notice
      • Privacy (International and U.S.)
      • Rules and Regulations
      • Privacy Notice
      • Privacy Rights to Individuals
    • Personally Identifiable Information (PII)
      • Types of PII (PII, PHI, PIFI, etc.)
      • Authority to Process PII
      • PII Processing Purposes
      • Consent
      • Privacy Notice
      • System of Records Notice
      • Minimizing the Collection of PII
      • Handling and Transmitting PII
      • Privacy Impact Assessment (PIA) Requirements
    • Breach Prevention and Incident Response
      • Reporting Breaches
      • Breach Response Plan
      • Breach Reporting
      • Core Response Group
      • Incident Response Personnel
    • Awareness and Training
      • Foundational Training
      • Advanced Privacy Training
      • Role-Based Training
      • Rules of Behavior and Accountability
      • New  Employee Orientation Training
    • Continuous Monitoring
    • Contractors and Third-Parties

    Specifications: Developed in accordance with NIST SP 800-53, Revision 5 (12-10-2020), and other related security control frameworks, where applicable.

    Control Family: Program Management (PM).

    Control Mapping: PM-18. 

    Security Control Baseline Coverage: Includes coverage for all LOW, MOD, and HIGH Baselines, per NIST SP 800-53B (12-10-2020).

    Direct Compliance Use: FISMA, FedRAMP, NISP eMASS RMF, and other related NIST RMF reporting requirements for security and privacy. Can be used for mapping to DFARS NIST 800-171 and CMMC controls, where applicable.

    Format: MS Word document (.docx).

    Length: 22 pages.

    Read all our FAQs

    Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

    What Our Customers Are Saying

    “Without question, the very best NIST information security documents, plans, and program templates I've ever used. Thorough, detailed, easy-to-use; no need to look anywhere else."

    - Alan Branigan - Former DoD & Federal Cyber Workforce

    Companies Who Trust Us