. 3.17 SYSTEM AND SERVICES ACQUISITION | NIST SP 800-53

Security and Privacy Controls for Information Systems and Organizations
. Table of Contents
. Executive Summary
. Prologue
. Errata
. News
CHAPTER ONE, INTRODUCTION
CHAPTER TWO, THE FUNDAMENTALS
CHAPTER THREE, THE CONTROLS
. 3.1 ACCESS CONTROL
. 3.2 AWARENESS AND TRAINING
. 3.3 AUDIT AND ACCOUNTABILITY
. 3.4 ASSESSMENT, AUTHORIZATION, AND MONITORING
. 3.5 CONFIGURATION MANAGEMENT
. 3.6 CONTINGENCY PLANNING
. 3.7 IDENTIFICATION AND AUTHENTICATION
. 3.8 INCIDENT RESPONSE
. 3.9 MAINTENANCE
. 3.10 MEDIA PROTECTION
. 3.11 PHYSICAL AND ENVIRONMENTAL PROTECTION
. 3.12 PLANNING
. 3.13 PROGRAM MANAGEMENT
. 3.14 PERSONNEL SECURITY
. 3.15 PERSONALLY IDENTIFIABLE INFORMATION PROCESSING AND TRANSPARENCY
. 3.16 RISK ASSESSMENT
. 3.17 SYSTEM AND SERVICES ACQUISITION
. 3.18 SYSTEM AND COMMUNICATIONS PROTECTION
. 3.19 SYSTEM AND INFORMATION INTEGRITY
. 3.20 SUPPLY CHAIN RISK MANAGEMENT
. REFERENCES
. GLOSSARY
. ACRONYMS
. CONTROL SUMMARIES
- -- TABLE C-1 ACCESS CONTROL FAMILY

This site uses Just the Docs, a documentation theme for Jekyll.

Just the Docs on GitHub

3.17 SYSTEM AND SERVICES ACQUISITION

Quick link to System and Services Acquisition Summary Table

Table of contents

-- SA-1 POLICY AND PROCEDURES
-- SA-2 ALLOCATION OF RESOURCES
-- SA-3 SYSTEM DEVELOPMENT LIFE CYCLE
-- SA-4 ACQUISITION PROCESS
-- SA-5 SYSTEM DOCUMENTATION
-- SA-6 SOFTWARE USAGE RESTRICTIONS
-- SA-7 USER-INSTALLED SOFTWARE
-- SA-8 SECURITY AND PRIVACY ENGINEERING PRINCIPLES
-- SA-9 EXTERNAL SYSTEM SERVICES
-- SA-10 DEVELOPER CONFIGURATION MANAGEMENT
-- SA-11 DEVELOPER TESTING AND EVALUATION
-- SA-12 SUPPLY CHAIN PROTECTION
-- SA-13 TRUSTWORTHINESS
-- SA-14 CRITICALITY ANALYSIS
-- SA-15 DEVELOPMENT PROCESS, STANDARDS, AND TOOLS
-- SA-16 DEVELOPER-PROVIDED TRAINING
-- SA-17 DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN
-- SA-18 TAMPER RESISTANCE AND DETECTION
-- SA-19 COMPONENT AUTHENTICITY
-- SA-20 CUSTOMIZED DEVELOPMENT OF CRITICAL COMPONENTS
-- SA-21 DEVELOPER SCREENING
-- SA-22 UNSUPPORTED SYSTEM COMPONENTS
-- SA-23 SPECIALIZATION

Copyright © 2017-2020 Patrick Marsceill. Distributed by an MIT license.

Edit this page on GitHub