To document implementation, a company should have a system security plan, and a plan of action and milestones. The plan of action describes how and when any unmet security requirements will be met, how any planned mitigations will be done, and how and when the company will correct deficiencies and reduce or eliminate vulnerabilities in the systems.
Jump Start your Implementation of NIST SP 800-171 with your System Security Self-Assessment.
Join us for a walk through of the Department of Homeland Security’s free Cyber Security Evaluation Tool (“CSET”), to help you identify where your company is meeting (or not yet meeting) the security requirements of NIST SP 800-171, and use this tool to help develop your company’s System Security Plan and Plan of Action.
Comments are closed.