Security and Privacy Controls for Federal Information Systems and Organizations
No. | Control | Priority | Low | Moderate | High |
---|---|---|---|---|---|
PL-1 | SECURITY PLANNING POLICY AND PROCEDURES | P1 |
PL-1
|
PL-1
|
PL-1
|
PL-2 | SYSTEM SECURITY PLAN | P1 |
PL-2
|
PL-2
(3)
|
PL-2
(3)
|
PL-3 | SYSTEM SECURITY PLAN UPDATE |
|
|
|
|
PL-4 | RULES OF BEHAVIOR | P2 |
PL-4
|
PL-4
(1)
|
PL-4
(1)
|
PL-5 | PRIVACY IMPACT ASSESSMENT |
|
|
|
|
PL-6 | SECURITY-RELATED ACTIVITY PLANNING |
|
|
|
|
PL-7 | SECURITY CONCEPT OF OPERATIONS | P0 |
|
|
|
PL-8 | INFORMATION SECURITY ARCHITECTURE | P1 |
|
PL-8
|
PL-8
|
PL-9 | CENTRAL MANAGEMENT | P0 |
|
|
|