By Jack Anderson
May 29, 2022
A defensible SSP is a collection of documents providing detailed information about the current level of cybersecurity compliance in your organization. It should include at least these documents:
- Configuration Form Using DLA Template
- Cybersecurity Incident Response Form
- Site Data Summary Form
- Safeguards Listing Form
- Policies and NIST Safeguards
- Risk Assessment
- CUI Cybersecurity Compliance Report
- DoDAM Report
- POAM
- NIST 800-171 Compliance Report
- NIST Security Rule Compliance Report