U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

information security program plan

Definition(s):

  Formal document that provides an overview of the security requirements for an organization-wide information security program and describes the program management controls and common controls in place or planned for meeting those requirements.
Source(s):
CNSSI 4009-2015 from NIST SP 800-37 Rev. 1
NIST SP 800-37 Rev. 2
NIST SP 800-53 Rev. 5 from OMB Circular A-130 (2016)
NIST SP 800-137 under Information Security Program Plan from NISTIR 7298
NIST SP 800-30 Rev. 1 under Information Security Program Plan from NIST SP 800-53
NIST SP 800-37 Rev. 1 under Information Security Program Plan
NIST SP 800-39 under Information Security Program Plan from NIST SP 800-53
NIST SP 800-53 Rev. 4 under Information Security Program Plan
NIST SP 800-53A Rev. 4 under Information Security Program Plan from NIST SP 800-53
NIST SP 800-82 Rev. 2 under Information Security Program Plan from NIST SP 800-53