PM-08 Critical Infrastructure Plan
Address information security and privacy issues in the development, documentation, and updating of a critical infrastructure and key resources protection plan.
Protection strategies are based on the prioritization of critical assets and resources. The requirement and guidance for defining critical infrastructure and key resources and for preparing an associated critical infrastructure protection plan are found in applicable laws, executive orders, directives, policies, regulations, standards, and guidelines.
- EO 13636 Executive Order 13636, *Improving Critical Infrastructure Cybersecurity* , February 2013.
- OMB A-130 Office of Management and Budget Memorandum Circular A-130, *Managing Information as a Strategic Resource* , July 2016.
- HSPD 7 Homeland Security Presidential Directive 7, *Critical Infrastructure Identification, Prioritization, and Protection* , December 2003.
- DHS NIPP Department of Homeland Security, *National Infrastructure Protection Plan (NIPP)* , 2009.
Related controls 9
- CP-02 Contingency Plan L M H P
- CP-04 Contingency Plan Testing L M H P
- PE-18 Location of System Components L M H P
- PL-02 System Security and Privacy Plans L M H P
- PM-09 Risk Management Strategy L M H P
- PM-11 Mission and Business Process Definition L M H P
- PM-18 Privacy Program Plan L M H P
- RA-03 Risk Assessment L M H P
- SI-12 Information Management and Retention L M H P