>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

PL-8Security and Privacy Architectures

>Control Description

a

Develop security and privacy architectures for the system that:

1.

Describe the requirements and approach to be taken for protecting the confidentiality, integrity, and availability of organizational information;

2.

Describe the requirements and approach to be taken for processing personally identifiable information to minimize privacy risk to individuals;

3.

Describe how the architectures are integrated into and support the enterprise architecture; and

4.

Describe any assumptions about, and dependencies on, external systems and services;

b

Review and update the architectures organization-defined frequency to reflect changes in the enterprise architecture; and

c

Reflect planned architecture changes in security and privacy plans, Concept of Operations (CONOPS), criticality analysis, organizational procedures, and procurements and acquisitions.

>Related Controls

CM-2
CM-6
PL-2
PL-7
PL-9
PM-5
PM-7
RA-9
SA-3
SA-5
SA-8
SA-17
SC-7

Ask AI

Configure your API key to use AI features.