SA-11—Developer Testing and Evaluation
>Control Description
Require the developer of the system, system component, or system service, at all post-design stages of the system development life cycle, to:
a. Develop and implement a plan for ongoing security and privacy control assessments;
b. Perform [Selection (one or more): unit; integration; system; regression] testing/evaluation [Assignment: organization-defined frequency] at [Assignment: organization-defined depth and coverage];
c. Produce evidence of the execution of the assessment plan and the results of the testing and evaluation;
d. Implement a verifiable flaw remediation process; and
e. Correct flaws identified during testing and evaluation.
>Related Controls