From Voice Video Policy Security Technical Implementation Guide
Part of SRG-POL-300587
Associated with: CCI-003050
SSPs relate security requirements to a set of security controls and control enhancements. SSPs also describe, at a high level, how the security controls and control enhancements meet those security requirements, but do not provide detailed, technical descriptions of the specific design or implementation of the controls/enhancements. SSPs contain sufficient information (including the specification of parameter values for assignment and selection statements either explicitly or by reference) to enable a design and implementation that is unambiguously compliant with the intent of the plans and subsequent determinations of risk to organizational operations and assets, individuals, other organizations, and the Nation if the plan is implemented as intended.
Review each Voice Video SSP. Verify that the organizations SSP for each Voice Video system is consistent with the organizations enterprise architecture. If the organizations SSP for each Voice Video system is not consistent with the organizations enterprise architecture, this is a finding.
Ensure when developing and documenting each Voice Video SSP that it is consistent with the organizations enterprise architecture. Include in each Voice Video SSP the network and system diagrams, service provider documents and agreements, facility design criteria, architectural strategies, and other supporting documents to ensure the cybersecurity risks are accounted for in each Voice Video system.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer