NIH | National Cancer Institute | NCI Wiki  

Error rendering macro 'rw-search'

null

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Security Forms and Templates

The links for security and privacy forms and templates listed below have been divided by functional areas to better assist you in locating specific forms associated with security and/or privacy related activities that are described elsewhere in the NCI IT Security Website.

Risk planning and risk management

  • FIPS-199
  • e-Authentication Risk Analysis
  • Privacy Impact Assessment (PIA) (Blank) (Requires Internet Explorer to open)
  • Third Party Website and Applications (TPWA) PIAs – contact the NCI Privacy Coordinator to initiate a new TPWA PIA (Requires Internet Explorer to open)
  • Risk Acceptance Memo
  • Security Assessment Plan (SAP/SCAP)
  • Security Assessment Report (SAR)
  • External System Security Plan (SSP) - Contractor Hosted
  • Security Impact Analysis (SIA)

Plan of action and milestones (POA&M)

  •  Plan of action and milestones (POA&M)

Configuration management

  • Configuration Management Plan
  • Memorandum of Understanding (MOU)
  • Interconnection Security Agreement (ISA)
  • HHS Minimum Configuration Guides and Checklists
  • HHS/NIH Department Standard Warning Banner

Contingency planning and disaster recovery templates

  • NIH Business Impact Analysis
  • NIH Contingency Plan
  • Sample Reconstitution Checklist
  • Sample Recovery Checklist
  • CP Exercise After Action Report (AAR)

Authorization memos

  • Authorization To Operate (ATO) Letter

System Standard Operating Procedure (SOP) templates

  • Identity and Access Management SOP
  • Audit Management SOP
  • System Physical and Environmental Control SOP
  • No labels