SPS Home    >   Dgreath    >   System Security Plan

The System Security Plan is the primary document that describes the strategy, policy, processes, and procedures provided a specified information System (IS). Specifically, it addresses five factors: availability, integrity, authentication, confidentiality, and non- repudiation in eight chapters:

  1. Security Design and Configuration (DC)
  2. Identification and Authentication (IA)
  3. Enclave and Computing Envirionment (EC)
  4. Enclave Boundary Defenses (EB)
  5. Physical and Environmental (PE)
  6. Personnel (PR)
  7. Continuity (CO)
  8. Vulnerability and Incident Management (VI)

All information systems fall into one of nine security outlines according to the confidentiality of the provided content and the criticality of the information system to the organization's mission. Table 1 below provides guidance into determination of the appropriate category of mission assurance. Table 2 below provides guidance into determination of the appropriate level of confidentiality. The links provided in Table 3 will take you to the appropriate document outline.

Mission Assurance Categories (MAC)
Table 1 - Criticality

MAC I—Mission Essential

MAC II—Mission Important

MAC III—Routine

Confidentiality Levels (CL)
Table 2 - Confidentiality

Classified—Limited private access

Sensitive—Limited Public and/or private access

Public—Unlimited public and/or private access