Information Technology Security Plan Template
Information technology it security is achieved by implementing a suitable set of.
Information technology security plan template. If any element of the following sampletemplate is not operationally feasible or appropriate for a particular business be sure to delete that element from the company specific wisp. Find the policy template you need. Additionally thank you to all the nist staff that reviewed and commented on the document. The ultimate goal of the project is to offer everything you need for rapid development and implementation of information security policies.
The original document was used as the foundation for this revision. The completion of system security plans is a requirement of the office of management and budget omb circular a. The objective of system security planning is to improve protection of information system resources. Pl 2 system security plan security control requirement.
The it security plan template should cover assignment of security responsibility system operational status general descriptionpurpose and more. The organization develops and implements a security plan for the information system that provides an overview of the security requirements for the system and a description of the security controls in place or planned for meeting those requirements. Additionally a sample is provided. Youll find a great set of resources posted here already including policy templates for twenty seven important security requirements.
Otherwise it would be a liability exposure to establish a written policy and not to comply with it. Information system security plan approval date. Available resources for a template to complete the information classification activity. Information system security plan template.
System name page 1. The protection of a system must be documented in a system security plan. Appendix a provides a system security plan template. The information technology security manager should communicate the information technology security plan to all affected persons distributing the plan to all managers and supervisors requiring.
Written information security plan insert date note. Information classification documents can be included within or as an attachment to the information security plan. Gta office of information security. Enter the completion date of the plan.
Refer to appendix a. Original nist special publication 800 18 guide for developing security plans for information technology system. An information security plan isp is designed to protect information and critical resources from a wide range of threats in order to ensure business continuity minimize business risk and maximize return on investments and business opportunities.