CMS Information Security Contingency Plan (CP) Template documents the strategies, personnel, procedures, and resources that the Application Business Owner uses to respond to any short or long term interruption in support of their application(s)/system(s). This CP will help the Business Owner and System Developer/Maintainer to quickly determine the appropriate actions to be taken due to an interruption or disaster. 

CMS Information Security Contingency Planning (CP) Tabletop Test Template is required to be done annually for each CMS application with the primary objective of the tabletop test to ensure designated personnel are knowledgeable and capable of performing the notification/activation requirements and procedures as outlined in the CP, in a timely manner. To assist in the development of a tabletop test, a comprehensive package for creating the test plan and recording its results in an after-action report is provided below.

CMS Information Security Interconnection Security Agreement (ISA) Template is used to meet Federal policy requirements for agencies to develop ISAs between their information systems and networks and the external systems and networks to which they connect.  NIST SP 800-47 states: "A system that is approved by an ISA for interconnection with one organization's system shall meet the protection requirements equal to, or greater than, those implemented by the other organization's system." The guidelines establish information security (IS) measures that shall be taken to protect the connected systems and networks and shared data. 

CMS Information Security Memorandum of Understanding (MOU) Template is used to establish a management agreement between systems within the same security network regarding the development, management, operation, and security of a connection between their respective systems.  This agreement will govern the relationship between both parties, including designated managerial and technical staff, in the absence of a common management authority.

CMS Information Security Threat ID Workbook provides guidance in identifying some of the risks that may affect the development or modification of a CMS information system.

CMS RA and SSP Guidance - explains and provides helpful tips and examples for completing the information security RA and SSP templates.

Downloads
CMS IS CP Template (ZIP - 95 Kb) CMS IS CP Tabletop Test Template (ZIP - 80 Kb ) CMS IS ISA Template (ZIP - 195 Kb) CMS IS MOU Template (ZIP - 54 Kb) CMS IS Threat ID Workbook (ZIP - 56 Kb) CMS IS RA and SSP Guidance (PDF - 256 Kb)
Related Links Inside CMS
There are no Related Links Inside CMS
Related Links Outside CMS
There are no Related Links Outside CMS

Page Last Modified: 12/10/2008 2:19:43 PM
Help with File Formats and Plug-Ins