# SSP Adoption Strategies

The best way to adopt OSCAL for your system depends on your circumstances. The OSCAL Foundation defines two adoption strategies:

- **Retrofit Adoption Path**: Converting Legacy Documentation
- **Native Adoption Path**: Creating New Documentation

---
### Retrofit Adoption Path

If you need to convert legacy documentation to OSCAL, follow the [Retrofit Adoption Path](https://patterns.rufrisk.com/books/fedramp-system-security-plan-ssp/page/retrofit-adoption-path).

Migrate existing content to OSCAL with the minimum necessary refactoring, and normalize content over time.

---
### Native Adoption Path

If you are approaching OSCAL to intially create your system security plan and do not have legacy documentaiton to convert, follow the [Native Adoption Path](https://patterns.rufrisk.com/books/fedramp-system-security-plan-ssp/page/native-adoption-path).

<div class="callout">

The FedRAMP PMO prefers new systems follow the FedRAMP 20x Authorization Path. We will prioritize 20x representation in OSCAL based on demand from CSPs and Agency Authorizing Officials (AO).
  
</div>