Information Assurance Process Model

  1. System Information
    1. Policies
    2. Procedures
    3. Processes
    4. Best Practices
  2. Security Requirements Traceability Matrix (SRTM)
  3. Certification Test Plan
  4. Risk Analysis
  5. System Security Documents
    1. System Security Plan (SSP)
    2. Information System Security Plan (ISSP)
    3. System Security Authorization Agreement (SSAA)