← Custodia
Definition

Organization Defined Parameter

Also known as: ODP

An Organization Defined Parameter (ODP) is a value that a security requirement leaves for the organization to set, such as a password length, a lockout threshold, or a review frequency. NIST SP 800-171 uses ODPs so requirements can be tailored, and a contractor must define and document each ODP consistently in its System Security Plan for a CMMC Level 2 assessment.

Primary source
NIST SP 800-171

Related terms

Stop reading. Start filing.

Find your SPRS score in 4 minutes. Then file it in 7 days.

Take the free SPRS quiz to see exactly where you stand on the 15 FAR 52.204-21 safeguarding requirements, no signup, no card. If you like what you see, the 7-day Custodia trial picks up where the quiz leaves off and walks you to a signed, bid-ready package.

7-day free trial · No credit card required · $249/mo Self Service ($2,496/yr on annual, two months free)