| 💼 PL-1 Policy and Procedures | | | | |
| 💼 PL-2 System Security and Privacy Plans | 3 | | | |
|     💼 PL-2(1) System Security and Privacy Plans _ Concept of Operations | | | | |
|     💼 PL-2(2) System Security and Privacy Plans _ Functional Architecture | | | | |
|     💼 PL-2(3) System Security and Privacy Plans _ Plan and Coordinate with Other Organizational Entities | | | | |
| 💼 PL-3 System Security Plan Update | | | | |
| 💼 PL-4 Rules of Behavior | 1 | | | |
|     💼 PL-4(1) Rules of Behavior _ Social Media and External Site/application Usage Restrictions | | | | |
| 💼 PL-5 Privacy Impact Assessment | | | | |
| 💼 PL-6 Security-related Activity Planning | | | | |
| 💼 PL-7 Concept of Operations | | | | |
| 💼 PL-8 Security and Privacy Architectures | 2 | | 3 | |
|     💼 PL-8(1) Security and Privacy Architectures _ Defense in Depth | | | | |
|     💼 PL-8(2) Security and Privacy Architectures _ Supplier Diversity | | | | |
| 💼 PL-9 Central Management | | | | |
| 💼 PL-10 Baseline Selection | | | | |
| 💼 PL-11 Baseline Tailoring | | | | |