Read NIST SP 800-30 revision 1 (http://csrc.nist.gov/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf (Links to an external site.)), NIST SP 800-53 revision 4, Chapters 1 thru 3 (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf (Links to an external site.)), and NIST SP 800-18 revision 1 (http://csrc.nist.gov/publications/nistpubs/800-18-Rev1/sp800-18-Rev1-final.pdf (Links to an external site.)), all of which are located in your Module 3 Resources folder.
Develop a System Security Plan (SSP) based on the information system selected in Project 1 using the sample provided in NIST SP 800-18 revision 1, Appendix A, as a guide; Note for #13, Minimum Security Controls in the SSP template: you only need to specify the appropriate control baseline from NIST SP 800-53 revision 4 and any additional controls or control enhancements (MINIMUM OF 2) added as part of the tailoring process, including your rationale for the addition. Do NOT list all the controls and enhancements in the selected baseline.