FedRAMP In a Box

NIST 800-53 Controls.xlsx

Appendix-A-FedRAMP-Security-Controls

High-Moderate-Low-LI-SaaS-Baseline-System-Security-Plan-SSP

Appendix-F-Rules-of Behavior-(RoB)

Appendix-G-Information-System-Contingency-Plan-ISCP

Appendix-H-Configuration-Management-Plan-CMP

Appendix-I-Incident-Response-Plan-IRP

Appendix-N-Continuous-Monitoring-Plan

Appendix-P-Supply-Chain-Risk-Management-Plan-SCRMP

Incident Response Plan Addendum DoD

Incident Response Plan for the System Security Plan

Incident Response Plan Tests

Access Control Policies and Procedures Document

Audit and Accountability Policy and Procedure

Awareness & Training Policy and Procedure

Business Continuity Plan

CONOPS

Continuity of Operations-COOP

Data Classification and Handling Policies

Data Spill Incident Handling Procedures

Disaster Recovery Plan

Employee Training and Awareness Document

Information Security and Procedures Document

Information Security Program Plan

Maintenance Policy and Procedures

Media Protection Policy and Procedure

Personnel Security Policy and Procedure

Physical & Environment Protection Policy and Procedure

Planning Policy and Procedure

Risk Assessment and Risk Management Document

Risk Management Strategy

Risk Register

Security Assessment Authorization Policy and Procedure

Supply Chain Risk Management

Software Development Life Cycle

System Communications Protection Policy and Procedure

System Information Integrity Policy and Procedure

System Services Acquisition Policy and Procedure

Change Management Policies and Procedures

Information System Contingency Plan (ISCP) for System Security Plan

Configuration Management Plan (CMP) for System Security Plan.docx