Skip to main content

πŸ’Ό SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN

  • Contextual name: πŸ’Ό SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN
  • ID: /frameworks/nist-sp-800-53-r4/sa/17
  • Located in: πŸ’Ό SA SYSTEM AND SERVICES ACQUISITION

Description​

The organization requires the developer of the information system, system component, or information system service to produce a design specification and security architecture that: SA-17a. Is consistent with and supportive of the organization???s security architecture which is established within and is an integrated part of the organization???s enterprise architecture; SA-17b. Accurately and completely describes the required security functionality, and the allocation of security controls among physical and logical components; and SA-17c. Expresses how individual security functions, mechanisms, and services work together to provide required security capabilities and a unified approach to protection.

Similar​

  • Internal
    • ID: dec-c-3ed0e18b

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.IP-2: A System Development Life Cycle to manage systems is implemented66

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό SA-17 (1) FORMAL POLICY MODEL
πŸ’Ό SA-17 (2) SECURITY-RELEVANT COMPONENTS
πŸ’Ό SA-17 (3) FORMAL CORRESPONDENCE
πŸ’Ό SA-17 (4) INFORMAL CORRESPONDENCE
πŸ’Ό SA-17 (5) CONCEPTUALLY SIMPLE DESIGN
πŸ’Ό SA-17 (6) STRUCTURE FOR TESTING
πŸ’Ό SA-17 (7) STRUCTURE FOR LEAST PRIVILEGE