NIST SP 800-53 r4 Security Control PM-1: Information Security Program Plan, v4

Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control PM-1: Information Security Program Plan.
Identifier https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-pm-1_-information-security-program-plan/4/
Publication Date 2021-04-26
Issuing Organization
No Responder help@trustmarkinitiative.org 555-555-5555 No Mailing Address
Keywords 800-53, Information Security Program Plan, NIST, Program Management, Security
Legal Notice This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties of merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Trust Expression:

TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8 and TD_ref9 and TD_ref10 and TD_ref11 and TD_ref12 and TD_ref13 and TD_ref14 and TD_ref15 and TD_ref16 and TD_ref17 and TD_ref18 and TD_ref19 and TD_ref20 and TD_ref21 and TD_ref22

References (22)

 TD  Information Security Program Plan - Approval of Risk - The Nation, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to the Nation.
ID TD_ref1
Provider Reference
 TD  Information Security Program Plan - Development - Identification and Assignment of Compliance, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of compliance.
ID TD_ref2
Provider Reference
 TD  Information Security Program Plan - Development - Planned Management Controls, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the security program management controls planned for meeting the requirements of the information security program.
ID TD_ref3
Provider Reference
 TD  Information Security Program Plan - Approval of Risk - Organizational Operations, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to organizational operations.
ID TD_ref4
Provider Reference
 TD  Information Security Program Plan - Protection From Modification, v1.0
Description Defines conformance and assessment criteria for verifying that an organization protects the information security program plan from unauthorized modification.
ID TD_ref5
Provider Reference
 TD  Information Security Program Plan - Development - Requirements, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides an overview of the requirements for the security program.
ID TD_ref6
Provider Reference
 TD  Information Security Program Plan - Development - Identification and Assignment of Roles, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of roles.
ID TD_ref7
Provider Reference
 TD  Information Security Program Plan - Updates From Implementation, v1.0
Description Defines conformance and assessment criteria for verifying that an organization updates the organization-wide information security plan to address organizational changes and problems identified during plan implementation.
ID TD_ref8
Provider Reference
 TD  Information Security Program Plan - Protection From Disclosure, v1.0
Description Defines conformance and assessment criteria for verifying that an organization protects the information security program plan from unauthorized disclosure.
ID TD_ref9
Provider Reference
 TD  Information Security Program Plan - Reviews, v1.0
Description Defines conformance and assessment criteria for verifying that an organization reviews the organization-wide information security program plan at an organization-defined frequency.
ID TD_ref10
Provider Reference
 TD  Information Security Program Plan - Development - Management Controls In Place, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the security program management controls in place for meeting the requirements of the information security program.
ID TD_ref11
Provider Reference
 TD  Information Security Program Plan - Reflects Coordination, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that reflects coordination among organizational entities responsible for the different aspects of information security (i.e., technical, physical, personnel, cyber-physical).
ID TD_ref12
Provider Reference
 TD  Information Security Program Plan - Dissemination - Requirements, v1.0
Description Defines conformance and assessment criteria for verifying that an organization disseminates an organization-wide information security program plan.
ID TD_ref13
Provider Reference
 TD  Information Security Program Plan - Approval of Risk - Other Organizations, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to other organizations.
ID TD_ref14
Provider Reference
 TD  Information Security Program Plan - Approval of Risk - Organizational Assets, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to organizational assets.
ID TD_ref15
Provider Reference
 TD  Information Security Program Plan - Development - Identification and Assignment of Management Commitment, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of management commitment.
ID TD_ref16
Provider Reference
 TD  Information Security Program Plan - Development - Identification and Assignment of Responsibilities, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of responsibilities.
ID TD_ref17
Provider Reference
 TD  Information Security Program Plan - Development - Planned Common Controls, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the common controls planned for meeting the requirements of the information security program.
ID TD_ref18
Provider Reference
 TD  Information Security Program Plan - Updates From Assessments, v1.0
Description Defines conformance and assessment criteria for verifying that an organization updates the organization-wide information security plan to address organizational changes and problems identified during security control assessments.
ID TD_ref19
Provider Reference
 TD  Information Security Program Plan - Approval of Risk - Individuals, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to individuals.
ID TD_ref20
Provider Reference
 TD  Information Security Program Plan - Development - Common Controls In Place, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the common controls in place for meeting the requirements of the information security program.
ID TD_ref21
Provider Reference
 TD  Information Security Program Plan - Development - Identification and Assignment of Coordination, v1.0
Description Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of coordination among organizational entities.
ID TD_ref22
Provider Reference

Sources (1)

SP800-53R4 NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.