
💼 SA-8 Security and Privacy Engineering Principles

Description

Apply the following systems security and privacy engineering principles in the specification, design, development, implementation, and modification of the system and system components: [Assignment: organization-defined systems security and privacy engineering principles].

Similar

  • Internal
    • ID: dec-c-2a38e125

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 FedRAMP High Security Controls → 💼 SA-8 Security and Privacy Engineering Principles (L)(M)(H) 6
💼 FedRAMP Low Security Controls → 💼 SA-8 Security and Privacy Engineering Principles (L)(M)(H) 6
💼 NIST CSF v2.0 → 💼 ID.AM-08: Systems, hardware, software, services, and data are managed throughout their life cycles 21
💼 NIST CSF v2.0 → 💼 ID.IM-01: Improvements are identified from evaluations 20
💼 NIST CSF v2.0 → 💼 ID.IM-02: Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties 33
💼 NIST CSF v2.0 → 💼 ID.IM-03: Improvements are identified from execution of operational processes, procedures, and activities 34
💼 NIST CSF v2.0 → 💼 PR.DS-10: The confidentiality, integrity, and availability of data-in-use are protected 111
💼 NIST CSF v2.0 → 💼 PR.IR-03: Mechanisms are implemented to achieve resilience requirements in normal and adverse situations 12

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags
💼 SA-8(1) Security and Privacy Engineering Principles _ Clear Abstractions
💼 SA-8(2) Security and Privacy Engineering Principles _ Least Common Mechanism
💼 SA-8(3) Security and Privacy Engineering Principles _ Modularity and Layering
💼 SA-8(4) Security and Privacy Engineering Principles _ Partially Ordered Dependencies
💼 SA-8(5) Security and Privacy Engineering Principles _ Efficiently Mediated Access
💼 SA-8(6) Security and Privacy Engineering Principles _ Minimized Sharing
💼 SA-8(7) Security and Privacy Engineering Principles _ Reduced Complexity
💼 SA-8(8) Security and Privacy Engineering Principles _ Secure Evolvability
💼 SA-8(9) Security and Privacy Engineering Principles _ Trusted Components
💼 SA-8(10) Security and Privacy Engineering Principles _ Hierarchical Trust
💼 SA-8(11) Security and Privacy Engineering Principles _ Inverse Modification Threshold
💼 SA-8(12) Security and Privacy Engineering Principles _ Hierarchical Protection
💼 SA-8(13) Security and Privacy Engineering Principles _ Minimized Security Elements
💼 SA-8(14) Security and Privacy Engineering Principles _ Least Privilege
💼 SA-8(15) Security and Privacy Engineering Principles _ Predicate Permission
💼 SA-8(16) Security and Privacy Engineering Principles _ Self-reliant Trustworthiness
💼 SA-8(17) Security and Privacy Engineering Principles _ Secure Distributed Composition
💼 SA-8(18) Security and Privacy Engineering Principles _ Trusted Communications Channels
💼 SA-8(19) Security and Privacy Engineering Principles _ Continuous Protection
💼 SA-8(20) Security and Privacy Engineering Principles _ Secure Metadata Management
💼 SA-8(21) Security and Privacy Engineering Principles _ Self-analysis
💼 SA-8(22) Security and Privacy Engineering Principles _ Accountability and Traceability 1
💼 SA-8(23) Security and Privacy Engineering Principles _ Secure Defaults
💼 SA-8(24) Security and Privacy Engineering Principles _ Secure Failure and Recovery
💼 SA-8(25) Security and Privacy Engineering Principles _ Economic Security
💼 SA-8(26) Security and Privacy Engineering Principles _ Performance Security
💼 SA-8(27) Security and Privacy Engineering Principles _ Human Factored Security
💼 SA-8(28) Security and Privacy Engineering Principles _ Acceptable Security
💼 SA-8(29) Security and Privacy Engineering Principles _ Repeatable and Documented Procedures
💼 SA-8(30) Security and Privacy Engineering Principles _ Procedural Rigor
💼 SA-8(31) Security and Privacy Engineering Principles _ Secure System Modification
💼 SA-8(32) Security and Privacy Engineering Principles _ Sufficient Documentation
💼 SA-8(33) Security and Privacy Engineering Principles _ Minimization

Policies (6)

Policy | Logic Count | Flags
📝 Google API Key is not restricted for unused APIs | 🟢 1 | 🟢 x6
📝 Google API Key is not rotated every 90 days | 🟢 1 | 🟢 x6
📝 Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on | 🟢 1 | 🟢 x6
📝 Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value | 🟢 1 | 🟢 x6
📝 Google Cloud SQL Server Instance user options Database Flag is configured | 🟢 1 | 🟢 x6
📝 Google Project has API Keys | 🟢 1 | 🟠 x1, 🟢 x5