There is no prescribed format or specified level of detail for system security plans. However, organizations ensure that the required information in [SP 800-171 Requirement] 3.12.4 is conveyed in those plans.
Since NIST has published a template, FutureFeed has utilized that template as the foundation for the SSP (System Security Plan) in the platform.
With the emphasis that FutureFeed place on ongoing manageability, the SSP produced and maintained in FutureFeed is enhanced with data that a CISO may use to secure the organization.
For reference the NIST 800-171 SSP Template is available here:
Please sign in to leave a comment.