Not required for FISMA Moderate.
The organization addresses information security issues in the development, documentation, and updating of a critical infrastructure and key resources protection plan.
Protection strategies are based on the prioritization of critical assets and resources. The requirement and guidance for defining critical infrastructure and key resources and for preparing an associated critical infrastructure protection plan are found in applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.