A system security plan (SSP) is structured, comprehensive information security aimed at regulation and monitoring of the authorized processes and activities with the development cycle. It is a program outlining the systematic obligations to control the access and sharing of the information. System security plan safeguard structural authorization of officiated information of the activities (Bowen, Hash, & Wilson, 2006). Accreditation and certification are crucial to implementing the SSP. Certification and accreditation, therefore, help the evaluation and authorization of the SSP. Typically, the certification process ensures that there is comprehensive satisfaction of the measures and standards necessary for the security program to be initiated (McAlees, & Schumacher, 1975). It enables SSP to evaluate and mitigate the risks that are bound to happen upon its implementation. On the other hand, the accreditation process provides a formal affirmation that the certified security system benefits the concerned and is implemented into accordance with the statues and standards predetermined in the SSP. Usually, accreditation program confers and assert on the regulation authorized within a given activity development.
In business structure and other economic activities, SSP plays an essential role in protecting consumers' data. The customers' information that to some extent portrays their consumption habits at times provides the financial positions they are in. Regarding that, it becomes vital and sensitive as it may lead to other issues such as theft and assassination with the aim to steal the wealth of that particular client spotted to be productive (Williams, 2001). Similarly, matters pertaining to health are confidential and therefore, SSP assist the health institutions in maintaining the patients' data confidential and secure for future use (Huston, 2001). SSP mitigate cost-effective evaluation and control of the standard norms and assessment to authorized activities.
In NIST SP 800-171, the plan is proposed by non-federal agencies, while the DoIT Maryland Gov. Plan, Government to control and regulate the assessment of the authorized activities (Lazar et al., 2010). It is an administrative plan to mitigate information security and control in the SANS organization to ensure that evaluation and risk assessment is analyses to establish proper authorization standards of its activities (Mehdizadeh, 2003). Information is the vital element that critically interlinked with communication agencies to ensure that data of employees and business is protected and regulated to meet the standards of the authorized plan. The NIST SP 800 project a tight schedule in implementation and assessment of the standards and data security that is up to wellbeing of the employees and those concerned. Due to that comparative advantage, I would, therefore, prefer its plan rather than others.
References
Bowen, P., Hash, J., & Wilson, M. (2006). Sp 800-100. Information security handbook: A guide for managers. Retrieved from https://dl.acm.org/doi/book/10.5555/2206189
Huston, T. (2001). Security issues for implementation of e-medical records. Communications of the ACM, 44(9), 89-94. https://doi.org/10.1145/383694.383712
Lazar, J., Beavan, P., Brown, J., Coffey, D., Nolf, B., Poole, R., & Wenger, B. (2010). Investigating the accessibility of state government web sites in Maryland. In Designing inclusive interactions (pp. 69-78). Springer, London.
Mehdizadeh, Y. (2003). SANS Institute. Retrieve from https://pdfs.semanticscholar.org/cb52/296be78395868eb205883d1d8a9a8b10080e.pdf
Williams, P. (2001). Information security governance. Information security technical report, 6(3), 60-70. https://doi.org/10.1016/S1363-4127 (01)00309-0
McAlees, D. C., & Schumacher, B. (1975). Toward new professionalism: Certification and accreditation. Rehabilitation Counseling Bulletin.
Cite this page
Essay Sample on System Security Plan: An In-Depth Guide to Accreditation & Certification. (2023, Mar 27). Retrieved from https://proessays.net/essays/essay-sample-on-system-security-plan-an-in-depth-guide-to-accreditation-certification
If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal:
- Essay Sample on Contingency and Situation Theories of Leadership
- Essay Example on Victor Reinoso Applies Management Principles: Esprit De Corps
- YBA Kanoo Group: A Multinational Conglomerate since 1890 - Essay Sample
- Paper Example on Madam Sindah's Bitter, Unprofessional Tone: Impact on Communication
- Paper Example on IAWP: Strengthening Women in Policing since 1915
- Essay Example on The Failed Leadership of J.C. Penney and Ron Johnson
- Report Sample - Nurturing Leaders: The Essence and Impact of Mentorship in Spiritual Growth