Skip to main content

💼 PR.IP-2: A System Development Life Cycle to manage systems is implemented

  • ID: /frameworks/nist-csf-v1.1/pr-ip/02

Description

Empty...

Similar

  • Sections
    • /frameworks/iso-iec-27001-2013/06/01/05
    • /frameworks/iso-iec-27001-2013/14/01/01
    • /frameworks/iso-iec-27001-2013/14/02/01
    • /frameworks/iso-iec-27001-2013/14/02/05
    • /frameworks/nist-sp-800-53-r4/pl/08
    • /frameworks/nist-sp-800-53-r4/sa/03
    • /frameworks/nist-sp-800-53-r4/sa/04
    • /frameworks/nist-sp-800-53-r4/sa/08
    • /frameworks/nist-sp-800-53-r4/sa/10
    • /frameworks/nist-sp-800-53-r4/sa/11
    • /frameworks/nist-sp-800-53-r4/sa/12
    • /frameworks/nist-sp-800-53-r4/sa/15
    • /frameworks/nist-sp-800-53-r4/sa/17
    • /frameworks/nist-sp-800-53-r4/si/12
    • /frameworks/nist-sp-800-53-r4/si/13
    • /frameworks/nist-sp-800-53-r4/si/14
    • /frameworks/nist-sp-800-53-r4/si/16
    • /frameworks/nist-sp-800-53-r4/si/17
  • Internal
    • ID: dec-c-aad19683

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 ISO/IEC 27001:2013 → 💼 A.6.1.5 Information security in project managementno data
💼 ISO/IEC 27001:2013 → 💼 A.14.1.1 Information security requirements analysis and specification66no data
💼 ISO/IEC 27001:2013 → 💼 A.14.2.1 Secure development policyno data
💼 ISO/IEC 27001:2013 → 💼 A.14.2.5 Secure system engineering principlesno data
💼 NIST SP 800-53 Revision 4 → 💼 PL-8 INFORMATION SECURITY ARCHITECTURE2no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-3 SYSTEM DEVELOPMENT LIFE CYCLEno data
💼 NIST SP 800-53 Revision 4 → 💼 SA-4 ACQUISITION PROCESS10no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-8 SECURITY ENGINEERING PRINCIPLESno data
💼 NIST SP 800-53 Revision 4 → 💼 SA-10 DEVELOPER CONFIGURATION MANAGEMENT6no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-11 DEVELOPER SECURITY TESTING AND EVALUATION8no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-12 SUPPLY CHAIN PROTECTION15no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-15 DEVELOPMENT PROCESS, STANDARDS, AND TOOLS11no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN7no data
💼 NIST SP 800-53 Revision 4 → 💼 SI-12 INFORMATION HANDLING AND RETENTIONno data
💼 NIST SP 800-53 Revision 4 → 💼 SI-13 PREDICTABLE FAILURE PREVENTION5no data
💼 NIST SP 800-53 Revision 4 → 💼 SI-14 NON-PERSISTENCE1no data
💼 NIST SP 800-53 Revision 4 → 💼 SI-16 MEMORY PROTECTIONno data
💼 NIST SP 800-53 Revision 4 → 💼 SI-17 FAIL-SAFE PROCEDURESno data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (9)

PolicyLogic CountFlagsCompliance
🛡️ Azure PostgreSQL Flexible Server log_checkpoints Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure PostgreSQL Flexible Server log_retention_days Parameter is less than 4 days🟢1🟢 x6no data
🛡️ Azure PostgreSQL Single Server log_connections Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure PostgreSQL Single Server log_disconnections Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure SQL Server Auditing Retention is less than 90 days🟢1🟢 x6no data
🛡️ Azure Virtual Machine is not utilizing Managed Disks🟢1🟢 x6no data
🛡️ Google API Key is not restricted for unused APIs🟢1🟢 x6no data
🛡️ Google API Key is not rotated every 90 days🟢1🟢 x6no data
🛡️ Google Project has API Keys🟢1🟠 x1, 🟢 x5no data

Internal Rules

RulePoliciesFlags
✉️ dec-x-0c82d7751
✉️ dec-x-9b79d91f1
✉️ dec-x-24bba4831
✉️ dec-x-89d5ed7a1
✉️ dec-x-588af79c1
✉️ dec-x-1518c16e1