System and communications protection policy
procedures addressing architecture and provisioning for name/address resolution services
access control policy and procedures
system design documentation
assessment results from independent testing organizations
system configuration settings and associated documentation
system audit records
system security plan
other relevant documents or records