Draft Research Institution Community Developed SSP
One of the major challenges faced by institutions engaged in regulated research is determining how to align their interpretation of controls with those of other institutions engaged in similar activities. Given the sensitive nature of implementation decisions and the varied resources available to institutions, the primary means of addressing this challenge is traditionally through internal teams or external consulting efforts. However, when teams have been heavily involved in the development and implementation of a System Security Plan, they may inadvertently overlook crucial details or overcommit themselves to additional and unnecessary effort in their solutions.
This advanced, full-day workshop focused on the creation of key components of a NIST 800-171 / CMMC Level 2 System Security Plan (SSP) through collaboration and expert input.
This workshop produced a novel resource achieved from national experts finding consensus of implementation strategies and determining best practices. As a group, we documented responses to 42 selected controls. We encourage you to use this reference as you build your own SSP.
Carnegie Mellon University
Case Western Reserve University
Chemeketa Community College
Connecticut State Colleges & Universities
Georgia Institute of Technology
Lake Forest College
Madison Area Technical College
Mississippi State University
North Carolina Community College System
North Carolina State University
North Dakota State University
South Dakota State University
Find the final output on EDUCAUSE's site secured behind member login. Visit: https://events.educause.edu/special-topic-events/cybersecurity-and-privacy-professionals-conference/2023/agenda/advanced-system-security-plan-workshop-separate-registration-is-required
If you are not a EDUCAUSE member, please request a copy at firstname.lastname@example.org from a .edu address.