Mechanisms exist to require system developers/integrators consult with cybersecurity & data privacy personnel to: ▪ Create and implement a Security Test and Evaluation (ST&E) plan; ▪ Implement a verifiable flaw remediation process to correct weaknesses and deficiencies identified during the security testing and evaluation process; and ▪ Document the results of the security testing/evaluation and flaw remediation processes.
Parent
Compliance Framework
Secure Controls Framework 2023.4
Control Number
TDA-09
Related
Compliance Framework
CIS v8.0
CIS v8.0
CIS v8.0
CCM v4.0.10
CCM v4.0.10
ISO 27002:2022
ISO 27002:2022
NIST 800-53 Rev 5
NIST 800-53 Rev 5
NIST 800-53 Rev 5
NIST 800-53 Rev 5
CERT RMM v1.2
CERT RMM v1.2
CERT RMM v1.2
CERT RMM v1.2
CERT RMM v1.2
CERT RMM v1.2
CERT RMM v1.2