System Security Plan
Definition - What does System Security Plan mean?
A system security plan is a formal plan that defines the plan of action to secure a computer or information system.
It provides a systematic approach and techniques for protecting a computer from being used by unauthorized users, guards against worms and viruses as well as any other incident/event/process that can jeopardize the underlying system’s security.
Techopedia explains System Security Plan
A system security plan is primarily implemented in organizational IT environments. It can be a proposed plan to protect and control an information system, or a plan that is already in implementation. It is usually created using the organization/IT environment security policy as the benchmark.
Typically a system security plan includes:
- List of authorized personnel/users that can access the system
- Level of access/tiered access, or what each user is allowed and not allowed to do on the system
- Access control methods, or how users will access the system (user ID/password, digital card, biometrics)
- Strengths and weaknesses of the system and how weaknesses are handled
- May also include system backup/restoration procedures