SecureTech SSP Assessment Simulation
π‘οΈ Project Overview
This repository contains a partial simulation of a NIST SP 800-171 System Security Plan (SSP) assessment for a fictional organization, SecureTech Solutions. The simulation focuses on three control families:
- Access Control (AC)
- Awareness and Training (AT)
- Audit and Accountability (AU)
The goal of this project is to demonstrate how to document, assess, and track compliance with selected NIST SP 800-171 controls in a structured and professional format.
π¦ Included Files
| File | Description |
|---|---|
02_SecureTech_SSP.md |
The fictional System Security Plan (SSP) describing the environment and implementation of selected controls |
03_Assessment Sheet.xlsx |
A scoring sheet evaluating the implementation status of AC, AT, and AU controls |
04_POAM.md |
Plan of Action and Milestones for partially or non-implemented controls |
05_Final_Report.md |
Final summary report of the assessment findings and recommendations |
π Scope
This simulation covers only a subset of the 14 NIST SP 800-171 control families. The following families are included:
- β Access Control (AC)
- β Awareness and Training (AT)
- β Audit and Accountability (AU)
All other control families are outside the scope of this simulation.
π How to Use
- Review the
02_SecureTech_SSP.mdto understand the fictional system and control implementations. - Open the
03_Assessment Sheet.xlsxto view the scoring of each control. - Examine the
04_POAM.mdto see how gaps are tracked and remediated. - Read the
05_Final_Report.mdfor a summary of findings and next steps.
β οΈ Disclaimer
This project is a fictional simulation created for educational and portfolio purposes. It does not represent a real organization or a complete NIST SP 800-171 assessment.
π¬ Contact
Created by Dylan Nguyen
For questions or feedback, feel free to connect via GitHub or LinkedIn.