Skip to main content

πŸ’Ό PL-8 Security and Privacy Architectures

  • Contextual name: πŸ’Ό PL-8 Security and Privacy Architectures
  • ID: /frameworks/nist-sp-800-53-r5/pl/08
  • Located in: πŸ’Ό PL Planning

Description​

a. Develop security and privacy architectures for the system that:

  1. Describe the requirements and approach to be taken for protecting the confidentiality, integrity, and availability of organizational information;
  2. Describe the requirements and approach to be taken for processing personally identifiable information to minimize privacy risk to individuals;
  3. Describe how the architectures are integrated into and support the enterprise architecture; and
  4. Describe any assumptions about, and dependencies on, external systems and services; b. Review and update the architectures [Assignment: organization-defined frequency] to reflect changes in the enterprise architecture; and c. Reflect planned architecture changes in security and privacy plans, Concept of Operations (CONOPS), criticality analysis, organizational procedures, and procurements and acquisitions.

Similar​

  • Internal
    • ID: dec-c-639062b7

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό FedRAMP High Security Controls β†’ πŸ’Ό PL-8 Security and Privacy Architectures (L)(M)(H)
πŸ’Ό FedRAMP Low Security Controls β†’ πŸ’Ό PL-8 Security and Privacy Architectures (L)(M)(H)
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό ID.AM-03: Representations of the organization's authorized network communication and internal and external network data flows are maintained31

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PL-8(1) Security and Privacy Architectures _ Defense in Depth
πŸ’Ό PL-8(2) Security and Privacy Architectures _ Supplier Diversity