πΌ SA-15 Development Process, Standards, and Tools (M)(H)
- Contextual name: πΌ SA-15 Development Process, Standards, and Tools (M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/sa/15 - Located in: πΌ System and Services Acquisition
Descriptionβ
a. Require the developer of the system, system component, or system service to follow a documented development process that:
-
Explicitly addresses security and privacy requirements;
-
Identifies the standards and tools used in the development process;
-
Documents the specific tool options and tool configurations used in the development process; and
-
Documents, manages, and ensures the integrity of changes to the process and/or tools used in development; and
b. Review the development process, standards, tools, tool options, and tool configurations [FedRAMP Assignment: frequency at least annually] to determine if the process, standards, tools, tool options and tool configurations selected and employed can satisfy the following security and privacy requirements: [FedRAMP Assignment: FedRAMP Security Authorization requirements].
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/sa/15/03
- Internal
- ID:
dec-c-1590f8ea
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ SA-15(3) Criticality Analysis (M)(H) |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ SA-15(3) Criticality Analysis (M)(H) |