Page History
...
Risk planning and risk management
- FIPS-199
- e-Authentication Risk Analysis
- Privacy Impact Assessment (PIA) (Blank) (Requires Internet Explorer to open)
- Third Party Website and Applications (TPWA) PIAs – contact the NCI Privacy Coordinator to initiate a new TPWA PIA (Requires Internet Explorer to open)
- Risk Acceptance Memo
- Security Assessment Plan (SAP/SCAP)
- Security Assessment Report (SAR)
- External System Security Plan (SSP) - Contractor Hosted
- Security Impact Analysis (SIA)
Plan of action and milestones (POA&M)
- Plan Plan of action and milestones (POA&M)
Configuration management
- Configuration Management Plan
- NIH Memorandum of Understanding (MOU)
- Interconnection Security Agreement (ISA)
- HHS Minimum Configuration Guides and Checklists
- HHS/NIH Department Standard Warning Banner
Contingency planning and disaster recovery templates
- NIH NCI Business Impact Analysis
- NIH Contingency Plan
- NIH Contingency Test Plan and After-Action Report
- Sample Reconstitution Checklist
- Sample Recovery Checklist