SA-17(7)—Developer Security Architecture And Design
PBMM (P3)
Secret (P3)
Management
>Control Description
DEVELOPER SECURITY ARCHITECTURE AND DESIGN | STRUCTURE FOR LEAST PRIVILEGE The organization requires the developer of the information system, system component, or information system service to structure security-relevant hardware, software, and firmware to facilitate controlling access with least privilege.
>Supplemental Guidance
Related controls: AC-5, AC-6.
>Tailoring Guidance
Apply to custom developed systems or components.
Ask AI
Configure your API key to use AI features.