Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
A System Security Plan SSP documents a systems boundary, environment, and implemented NIST 800-53 controls, anchoring RMF and FedRAMP authorization.
System Security Plan (SSP) Definition: A System Security Plan SSP documents a systems boundary, environment, and implemented NIST 800-53 controls, anchoring RMF and FedRAMP authorization.
A System Security Plan (SSP) is a formal document that describes an information system's boundary, operating environment, and the security and privacy controls selected and implemented to protect it. Under the NIST Risk Management Framework and FedRAMP, the SSP is a foundational artifact that maps each applicable control, such as those from NIST 800-53, to its implementation status and serves as the primary basis for assessment and authorization decisions. It is maintained as a living document and updated as the system or its controls change.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →