Planning
NIST SP 800-53 Rev 5 Planning controls.
Policy and Procedures
Develop, document, and disseminate to [parameter]:
System Security and Privacy Plans
Develop security and privacy plans for the system that:
System Security Plan Update
System Security Plan Update
Rules of Behavior
Establish and provide to individuals requiring access to the system, the rules that describe their responsibilities and expected behavior for information and system usage, security, and privacy;
Privacy Impact Assessment
Privacy Impact Assessment
Security-related Activity Planning
Security-related Activity Planning
Concept of Operations
Develop a Concept of Operations (CONOPS) for the system describing how the organization intends to operate the system from the perspective of information security and privacy; and
Security and Privacy Architectures
Develop security and privacy architectures for the system that:
Central Management
Centrally manage [parameter].
Baseline Selection
Select a control baseline for the system.
Baseline Tailoring
Tailor the selected control baseline by applying specified tailoring actions.