![map[class:w-full h-full object-cover object-center src:images/blog/ssp-2.png]](https://nehwe.tech/images/blog/ssp-2.png)
The Role of a System Security Plan in DoD Cyber
Understanding the System Security Plan
A System Security Plan (SSP) Is the central document that explains how your organization secures sensitive data, including Controlled Unclassified Information (CUI). Rather than being a static policy, an SSP documents the actual security controls protecting your systems and how those controls are operated, monitored, and maintained.
The Role of a System Security Plan in DoD Cyber
Understanding the System Security Plan
A System Security Plan (SSP) Is the central document that explains how your organization secures sensitive data, including Controlled Unclassified Information (CUI). Rather than being a static policy, an SSP documents the actual security controls protecting your systems and how those controls are operated, monitored, and maintained.
![map[class:w-full h-full object-cover object-center src:images/blog/gap_analysis_blog_1.png]](https://nehwe.tech/images/blog/gap_analysis_blog_1.png)
What a NIST 800-171 Gap Analysis Really Tells You (And What it Doesn't)
Many contractors hear the term NIST 800-171 gap analysis but are not sure what it actually means in practice. Some assume it leads directly to certification, while others believe it is simply a checklist exercise.