When working in Paramify, the content you enter in your program flows directly into the sections of your System Security Plan (SSP). This article shows exactly where each piece of Paramify program content appears in the final SSP document.
Program Content to SSP Section Mapping
Use the table below to understand how your Paramify program content populates the SSP.
| Paramify Program Content | SSP Section |
|---|---|
| User Summary | Appendix C — Policy and Procedures Document as a Table, Appendix S |
| System Interconnections | Section 7 — External Systems and Services Not Having FedRAMP Authorization |
| System Function or Purpose | Section 3 — General System Description (Table 3-1) |
| System Components and Boundaries | Section 8.1 — Authorization Boundary |
| System Network Architecture | Section 8.2 — Network Architecture |
| System Data Flow | Section 8.3 — Data Flow Diagram |
| System Ports, Protocols & Services | Section 9 — Services, Ports, and Protocols |
| Leveraged Authorizations | Section 6 — Leveraged FedRAMP-Authorized Services |
| Cryptographic Modules | Appendix Q — Cryptographic Module Table |
| Security Policies | Appendix C |
| Security Procedures | Appendix C |
How to Use This Mapping
When filling out your program content in Paramify, each section you complete directly populates the corresponding SSP section listed above. This means you only need to enter your information once in Paramify, and it will automatically appear in the correct location within your generated SSP.
TIP
If you need to update any SSP section, make the change in the corresponding Paramify program content area and regenerate your SSP. This ensures your documentation stays consistent and up to date.
Comments
0 comments
Please sign in to leave a comment.