Page History
Security Forms and Templates
The links for security and privacy forms and templates listed below have been divided by functional areas to better assist you in locating specific forms associated with security and/or privacy related activities that are described elsewhere in the NCI IT Security Website.
...
Categorize System and Select Controls (FISMA Starter Kit)
- FIPS-199 System Categorization (FIPS-199)
- NIST SP 800-60 Volume 1 (Mapping Guidelines)
- NIST SP 800-60 Volume 2 (Information Types w/ provisional security impact level assignments)
- e-Authentication Risk Analysis
- Privacy Impact Assessment (PIA)
- Security Assessment Plan (SAP/SCAP) Security Assessment Report (SAR)
- NCI Business Impact Analysis (BIA)
Implement Controls
- External System Security Plan (SSP) - Contractor Hosted
- Security Impact Analysis (SIA)
System Standard Operating Procedure (SOP) templates
- )
Plan of action and milestones (POA&M)
- Plan of action and milestones (POA&M
- )
Configuration management
Contingency planning and disaster recovery templates
...
Incident response planning templates
...
Assess Controls
- Security Assessment Plan (SAP)
- Security Assessment Report (SAR)
- Plan of action and milestones (POA&M)
Authorize System
- Authority To Operate Letter (ATO) Letter
System Standard Operating Procedure (SOP) templates
Monitor System
- Security Impact Analysis (SIA)
- NCI Identity and Access Management SOP
- NCI Audit Management SOP
- NCI System Physical and Environmental Control SOP