By Jack Anderson
January 31, 2022
Your System Security Plan or SSP contains all of the information needed to assess your current level of compliance. A proper SSP will contain multiple documents such as policies, risk assessments, Plan Of Action and Milestone (POAM), Incident Response, Site Data Form, System Configuration form. You need to be able to demonstrate progress on cybersecurity compliance. You may be asked to supply copies of your SSP. The Department of Justice Civil-Cyber Fraud Initiative has specifically focused on the SSP as a potential fraud issue. If your SSP is thin or out of date now is the time to update.