💼 PR.IP-2: A System Development Life Cycle to manage systems is implemented

• Contextual name: 💼 PR.IP-2: A System Development Life Cycle to manage systems is implemented
• ID: /frameworks/nist-csf-v1.1/pr-ip/02
• Located in: 💼 Information Protection Processes and Procedures (PR.IP)

Description

Empty...

Similar

• Sections
  • /frameworks/iso-iec-27001-2013/06/01/05
  • /frameworks/iso-iec-27001-2013/14/01/01
  • /frameworks/iso-iec-27001-2013/14/02/01
  • /frameworks/iso-iec-27001-2013/14/02/05
  • /frameworks/nist-sp-800-53-r4/pl/08
  • /frameworks/nist-sp-800-53-r4/sa/03
  • /frameworks/nist-sp-800-53-r4/sa/04
  • /frameworks/nist-sp-800-53-r4/sa/08
  • /frameworks/nist-sp-800-53-r4/sa/10
  • /frameworks/nist-sp-800-53-r4/sa/11
  • /frameworks/nist-sp-800-53-r4/sa/12
  • /frameworks/nist-sp-800-53-r4/sa/15
  • /frameworks/nist-sp-800-53-r4/sa/17
  • /frameworks/nist-sp-800-53-r4/si/12
  • /frameworks/nist-sp-800-53-r4/si/13
  • /frameworks/nist-sp-800-53-r4/si/14
  • /frameworks/nist-sp-800-53-r4/si/16
  • /frameworks/nist-sp-800-53-r4/si/17
• Internal
  • ID: dec-c-aad19683

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 ISO/IEC 27001:2013 → 💼 A.6.1.5 Information security in project management
💼 ISO/IEC 27001:2013 → 💼 A.14.1.1 Information security requirements analysis and specification		6	6
💼 ISO/IEC 27001:2013 → 💼 A.14.2.1 Secure development policy
💼 ISO/IEC 27001:2013 → 💼 A.14.2.5 Secure system engineering principles
💼 NIST SP 800-53 Revision 4 → 💼 PL-8 INFORMATION SECURITY ARCHITECTURE	2
💼 NIST SP 800-53 Revision 4 → 💼 SA-3 SYSTEM DEVELOPMENT LIFE CYCLE
💼 NIST SP 800-53 Revision 4 → 💼 SA-4 ACQUISITION PROCESS	10
💼 NIST SP 800-53 Revision 4 → 💼 SA-8 SECURITY ENGINEERING PRINCIPLES
💼 NIST SP 800-53 Revision 4 → 💼 SA-10 DEVELOPER CONFIGURATION MANAGEMENT	6
💼 NIST SP 800-53 Revision 4 → 💼 SA-11 DEVELOPER SECURITY TESTING AND EVALUATION	8
💼 NIST SP 800-53 Revision 4 → 💼 SA-12 SUPPLY CHAIN PROTECTION	15
💼 NIST SP 800-53 Revision 4 → 💼 SA-15 DEVELOPMENT PROCESS, STANDARDS, AND TOOLS	11
💼 NIST SP 800-53 Revision 4 → 💼 SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN	7
💼 NIST SP 800-53 Revision 4 → 💼 SI-12 INFORMATION HANDLING AND RETENTION
💼 NIST SP 800-53 Revision 4 → 💼 SI-13 PREDICTABLE FAILURE PREVENTION	5
💼 NIST SP 800-53 Revision 4 → 💼 SI-14 NON-PERSISTENCE	1
💼 NIST SP 800-53 Revision 4 → 💼 SI-16 MEMORY PROTECTION
💼 NIST SP 800-53 Revision 4 → 💼 SI-17 FAIL-SAFE PROCEDURES

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (9)

Policy	Logic Count	Flags
📝 Azure PostgreSQL Flexible Server log_checkpoints Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Flexible Server log_retention_days Parameter is less than 4 days 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server log_connections Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server log_disconnections Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure SQL Server Auditing Retention is less than 90 days 🟢	1	🟢 x6
📝 Azure Virtual Machine is not utilizing Managed Disks 🟢	1	🟢 x6
📝 Google API Key is not restricted for unused APIs 🟢	1	🟢 x6
📝 Google API Key is not rotated every 90 days 🟢	1	🟢 x6
📝 Google Project has API Keys 🟢	1	🟠 x1, 🟢 x5

Internal Rules

Rule	Policies	Flags
✉️ dec-x-0c82d775	1
✉️ dec-x-9b79d91f	1
✉️ dec-x-24bba483	1
✉️ dec-x-89d5ed7a	1
✉️ dec-x-588af79c	1
✉️ dec-x-1518c16e	1