NIH | National Cancer Institute | NCI Wiki  


Please be advised that NCI Wiki will be will be undergoing maintenance on Monday, June 24th between 1000 ET and 1100 ET.
Wiki will remain available, but users may experience screen refreshes or HTTP 502 errors during the maintenance period. If you encounter these errors, wait 1-2 minutes, then refresh your page.

If you have any questions or concerns, please contact the CBIIT Atlassian Management Team.

The links for security and privacy forms and templates listed below have been divided by functional areas to better assist you in locating specific forms associated with security and/or privacy related activities that are described elsewhere in the NCI IT Security Website.

Prepare (RMF Step "0")

Categorize System and Select Controls (FISMA Starter Kit) (RMF Steps 1 & 2)

Implement Controls (RMF Step 3)

System Security Plans (SSPs)
    • FISMA Low SSP (for non-cloud systems categorized as Low only)

      • NIH Information Security Policy Handbook (Security Policies and Security Control Implementation Requirements)
        (FOUO - Request from NCI ISSO Office)
System Standard Operating Procedure (SOP) templates
Configuration management
Contingency planning and disaster recovery templates
Incident response planning templates 

 Assess Controls (RMF Step 4)

Authorize System (RMF Step 5)

Monitor System (RMF Step 6)

  • No labels