Addendum A – Composing a FedRAMP System Security Plan

This whitepaper goes into detail and explains the System Security Plan (SSP), the main document of a security package in which the Cloud Service Provider (CSP) describes all the security controls in use on the system and their implementation, and provides necessary information needed to know about developing an SSP