home || catalog: SP800-53rev3 / class: Management / family: (SA) System and Services Acquisition ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA

SA-01
SA-02
SA-03 *
SA-04
SA-05
SA-06
SA-07
SA-08
SA-09
SA-10
SA-11
SA-12
SA-13
SA-14

SC
SI
MMMMM

  SA-03: Life Cycle Support  

base control objective:
The organization:
a. Manages the information system using a system development life cycle methodology that includes information security considerations;
b. Defines and documents information system security roles and responsibilities throughout the system development life cycle; and
c. Identifies individuals having information system security roles and responsibilities.

supplemental objective information:
None.

enhancements to the base objective:

(1) None.

mapping to FIPS199 baseline:

  LOW: base     MOD: base     HIGH: base  

related (regimented) controls:

PM-07   Enterprise Architecture

documents referenced in SP800-53rev3 for SA-03:

Document Date Status Title
NIST SP800-12 October, 1995 current   An Introduction to Computer Security: The NIST Handbook
NIST SP800-14 September, 1996 current   Generally Accepted Principles and Practices for Securing Information Technology Systems
NIST SP800-21 December, 2005 current   Guideline for Implementing Cryptography in the Federal Government
NIST SP800-27 June, 2004 current   Engineering Principles for Information Technology Security (A Baseline for Achieving Security)
NIST SP800-30 July 2002 groan...   Risk Management Guide for Information Technology Systems
NIST SP800-34 May, 2010 current   Contingency Planning Guide for Information Technology Systems
NIST SP800-35 October, 2003 current   Guide to Information Technology Security Services
NIST SP800-39 December, 2010 DRAFT   Integrated Enterprise-Wide Risk Management: Organization, Mission, and Information System View
NIST SP800-64 October, 2008 current   Security Considerations in the Information System Development Life Cycle
NIST SP800-97 SP800-97 DRAFT   Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i
NIST SP800-98 September, 2006 DRAFT   Guidelines for Securing Radio Frequency Identification (RFID) Systems

Search SP800-53rev3 catalog: