💼 SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN

• ID: /frameworks/nist-sp-800-53-r4/sa/17

Description

The organization requires the developer of the information system, system component, or information system service to produce a design specification and security architecture that: SA-17a. Is consistent with and supportive of the organization???s security architecture which is established within and is an integrated part of the organization???s enterprise architecture; SA-17b. Accurately and completely describes the required security functionality, and the allocation of security controls among physical and logical components; and SA-17c. Expresses how individual security functions, mechanisms, and services work together to provide required security capabilities and a unified approach to protection.

Similar

• Internal
  • ID: dec-c-3ed0e18b

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 PR.IP-2: A System Development Life Cycle to manage systems is implemented		6	9		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 SA-17 (1) FORMAL POLICY MODEL					no data
💼 SA-17 (2) SECURITY-RELEVANT COMPONENTS					no data
💼 SA-17 (3) FORMAL CORRESPONDENCE					no data
💼 SA-17 (4) INFORMAL CORRESPONDENCE					no data
💼 SA-17 (5) CONCEPTUALLY SIMPLE DESIGN					no data
💼 SA-17 (6) STRUCTURE FOR TESTING					no data
💼 SA-17 (7) STRUCTURE FOR LEAST PRIVILEGE					no data