| TIP: NIST SP 800-53 r4 - Security Control Family: System and Services Acquisition

NIST SP 800-53 r4 - Security Control Family: System and Services Acquisition - Controls for MODERATE Impact Systems, v4

Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of System and Services Acquisition.

Identifier

https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-system-and-services-acquisition---controls-for-moderate-impact-systems/4/

Publication Date

2021-04-26

Issuing Organization

TMI (https://trustmarkinitiative.org/) View Contact

No Responder

help@trustmarkinitiative.org

555-555-5555

No Mailing Address

Keywords

800-53, NIST, Security, Services Acquisition, System, Moderate

Legal Notice

This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TIP_NISTSP80053r4SecurityControlFamilySystemandServicesAcquisitionControlsforLOWImpactSystems and TIP_NISTSP80053r4SecurityControlSA1SystemandServicesAcquisitionPolicyandProcedures and TIP_NISTSP80053r4SecurityControlSA2AllocationofResources and TIP_NISTSP80053r4SecurityControlSA3SystemDevelopmentLifeCycle and TIP_NISTSP80053r4SecurityControlSA4AcquisitionProcess and TIP_NISTSP80053r4SecurityControlSA41FunctionalPropertiesofSecurityControls and TIP_NISTSP80053r4SecurityControlSA42DesignImplementationInformationforSecurityControls and TIP_NISTSP80053r4SecurityControlSA49FunctionsPortsProtocolsServicesinUse and TIP_NISTSP80053r4SecurityControlSA410UseofApprovedPIVProducts and TIP_NISTSP80053r4SecurityControlSA5InformationSystemDocumentation and TIP_NISTSP80053r4SecurityControlSA8SecurityEngineeringPrinciples and TIP_NISTSP80053r4SecurityControlSA9ExternalInformationSystemServices and TIP_NISTSP80053r4SecurityControlSA92IdentificationofFunctionsPortsProtocolsServices and TIP_NISTSP80053r4SecurityControlSA10DeveloperConfigurationManagement and TIP_NISTSP80053r4SecurityControlSA11DeveloperSecurityTestingandEvaluation

References (15)

TIP NIST SP 800-53 r4 - Security Control Family: System and Services Acquisition - Controls for LOW Impact Systems, v4
Description	Profile of requirements corresponding to all LOW impact security controls in NIST Special Publication 800-53, r4, under the control family of System and Services Acquisition.
ID	TIP_NISTSP80053r4SecurityControlFamilySystemandServicesAcquisitionControlsforLOWImpactSystems

TIP NIST SP 800-53 r4 Security Control SA-1: System and Services Acquisition Policy and Procedures, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-1: System and Services Acquisition Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA1SystemandServicesAcquisitionPolicyandProcedures

TIP NIST SP 800-53 r4 Security Control SA-2: Allocation of Resources, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-2: Allocation of Resources. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA2AllocationofResources

TIP NIST SP 800-53 r4 Security Control SA-3: System Development Life Cycle, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-3: System Development Life Cycle. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA3SystemDevelopmentLifeCycle

TIP NIST SP 800-53 r4 Security Control SA-4: Acquisition Process, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4: Acquisition Process. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA4AcquisitionProcess

TIP NIST SP 800-53 r4 Security Control SA-4 (1): Functional Properties of Security Controls, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (1): Functional Properties of Security Controls. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA41FunctionalPropertiesofSecurityControls

TIP NIST SP 800-53 r4 Security Control SA-4 (2): Design / Implementation Information for Security Controls, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (2): Design / Implementation Information for Security Controls. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA42DesignImplementationInformationforSecurityControls

TIP NIST SP 800-53 r4 Security Control SA-4 (9): Functions / Ports / Protocols / Services in Use, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (9): Functions / Ports / Protocols / Services in Use. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA49FunctionsPortsProtocolsServicesinUse

TIP NIST SP 800-53 r4 Security Control SA-4 (10): Use of Approved PIV Products, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (10): Use of Approved PIV Products. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA410UseofApprovedPIVProducts

TIP NIST SP 800-53 r4 Security Control SA-5: Information System Documentation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-5: Information System Documentation. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA5InformationSystemDocumentation

TIP NIST SP 800-53 r4 Security Control SA-8: Security Engineering Principles, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-8: Security Engineering Principles. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA8SecurityEngineeringPrinciples

TIP NIST SP 800-53 r4 Security Control SA-9: External Information System Services, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-9: External Information System Services. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA9ExternalInformationSystemServices

TIP NIST SP 800-53 r4 Security Control SA-9 (2): Identification of Functions / Ports / Protocols / Services, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-9 (2): Identification of Functions / Ports / Protocols / Services. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA92IdentificationofFunctionsPortsProtocolsServices

TIP NIST SP 800-53 r4 Security Control SA-10: Developer Configuration Management, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10: Developer Configuration Management. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA10DeveloperConfigurationManagement

TIP NIST SP 800-53 r4 Security Control SA-11: Developer Security Testing and Evaluation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11: Developer Security Testing and Evaluation. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlSA11DeveloperSecurityTestingandEvaluation

Sources (1)

SP800-53R4	NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.

Also available as XML or JSON