Security categorizations are defined as per the level of effort needed for certification. Three categorization levels of security exist and are defined as follows:

This table has the definitions the three main security categorizations degree of effort based on them

This table shows the required SSP sections that are needed for systems in each of security categorizations.

When the initiation phase comes to an end, then the certification phase commences.

Certification

06/01

In this phase, the team mandated with certification evaluates the entire information system in order to determine whether the security requirements have been satisfied. They then proceed to identify any deficiencies or vulnerabilities. The corrections of the deficiencies/vulnerabilities that are severe enough to prevent system operation from being approved are a responsibility of the System Owner

System Security Plan. The SSP must bear a reflection the current system status. If there are modifications to the system security controls...
[ View Full Essay]