πΌ SA-3 System Development Life Cycle (L)(M)(H)
- Contextual name: πΌ SA-3 System Development Life Cycle (L)(M)(H)
- ID:
/frameworks/fedramp-low-security-controls/sa/03 - Located in: πΌ System and Services Acquisition
Descriptionβ
a. Acquire, develop, and manage the system using [Assignment: organization-defined system development life cycle] that incorporates information security and privacy considerations;
b. Define and document information security and privacy roles and responsibilities throughout the system development life cycle;
c. Identify individuals having information security and privacy roles and responsibilities; and
d. Integrate the organizational information security and privacy risk management process into system development life cycle activities.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/sa/03/frameworks/fedramp-high-security-controls/sa/03
- Internal
- ID:
dec-c-0d2cca86
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ SA-3 System Development Life Cycle (L)(M)(H) | 4 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SA-3 System Development Life Cycle | 3 | 4 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (4)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS CodeBuild Project Bitbucket Source Location URL contains credentials π’ | 1 | π’ x6 |
| π Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on π’ | 1 | π’ x6 |
| π Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value π’ | 1 | π’ x6 |
| π Google Cloud SQL Server Instance user options Database Flag is configured π’ | 1 | π’ x6 |