[Verse 1] When architects map their digital realm Six component types must guide the helm Software modules, hardware frames Services running, policies by name Processes flowing through the enterprise Validation artifacts that verify [Chorus] Component definitions, crystal blueprints clear Document satisfaction, every control draws near Configuration specific, implementations vary SSP authoring tools consume what you carry COMP-DEF, COMP-DEF, building blocks align COMP-DEF, COMP-DEF, control mappings shine [Verse 2] Each component whispers how controls are met Inherited provisions, no requirement's left Parameter settings shift with each deploy Different environments these configs employ What works for staging might not fit production Tailor implementations for each construction [Chorus] Component definitions, crystal blueprints clear Document satisfaction, every control draws near Configuration specific, implementations vary SSP authoring tools consume what you carry COMP-DEF, COMP-DEF, building blocks align COMP-DEF, COMP-DEF, control mappings shine [Bridge] FIPS one-forty-two validation certificates Testing evidence that demonstrates and validates Cryptographic modules proven sound and true Assessment results become consumable too Machine readable formats bridge the gap Between component specs and compliance map [Verse 3] Authoring tools digest these structured files Import component data, eliminate the piles Of manual entry, copying text by hand Automated workflows help compliance expand Reusable components across multiple plans Efficiency emerges when automation spans [Chorus] Component definitions, crystal blueprints clear Document satisfaction, every control draws near Configuration specific, implementations vary SSP authoring tools consume what you carry COMP-DEF, COMP-DEF, building blocks align COMP-DEF, COMP-DEF, control mappings shine [Outro] Six types of components, controls satisfied Configuration contexts, validation certified Consumable formats for the tools that build Component definitions, compliance requirements filled
← 2 Creating a Profile | 4 Building a System Security Plan →