💼 SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN
- ID:
/frameworks/nist-sp-800-53-r4/sa/17
Stats​
not available
Description​
The organization requires the developer of the information system, system component, or information system service to produce a design specification and security architecture that: SA-17a. Is consistent with and supportive of the organization???s security architecture which is established within and is an integrated part of the organization???s enterprise architecture; SA-17b. Accurately and completely describes the required security functionality, and the allocation of security controls among physical and logical components; and SA-17c. Expresses how individual security functions, mechanisms, and services work together to provide required security capabilities and a unified approach to protection.
Similar​
- Internal
- ID:
dec-c-3ed0e18b
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 PR.IP-2: A System Development Life Cycle to manage systems is implemented | 6 | 9 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 SA-17 (1) FORMAL POLICY MODEL | no data | ||||
| 💼 SA-17 (2) SECURITY-RELEVANT COMPONENTS | no data | ||||
| 💼 SA-17 (3) FORMAL CORRESPONDENCE | no data | ||||
| 💼 SA-17 (4) INFORMAL CORRESPONDENCE | no data | ||||
| 💼 SA-17 (5) CONCEPTUALLY SIMPLE DESIGN | no data | ||||
| 💼 SA-17 (6) STRUCTURE FOR TESTING | no data | ||||
| 💼 SA-17 (7) STRUCTURE FOR LEAST PRIVILEGE | no data |