| TIP: NIST SP 800-53 r4 - Security Control Family: System and Services Acquisition

NIST SP 800-53 r4 - Security Control Family: System and Services Acquisition - Supplemental Controls, v4

Profile of requirements corresponding to all supplemental security controls in NIST Special Publication 800-53, r4, under the control family of System and Services Acquisition.

Identifier

https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-system-and-services-acquisition---supplemental-controls/4/

Publication Date

2021-04-26

Issuing Organization

TMI (https://trustmarkinitiative.org/) View Contact

No Responder

help@trustmarkinitiative.org

555-555-5555

No Mailing Address

Keywords

800-53, NIST, Security, Services Acquisition, System, Supplemental

Legal Notice

This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TIP_NISTSP80053r4SecurityControlSA43DevelopmentMethodsTechniquesPractices and TIP_NISTSP80053r4SecurityControlSA45SystemComponentServiceConfigurations and TIP_NISTSP80053r4SecurityControlSA46UseofInformationAssuranceProducts and TIP_NISTSP80053r4SecurityControlSA47NIAPApprovedProtectionProfiles and TIP_NISTSP80053r4SecurityControlSA48ContinuousMonitoringPlan and TIP_NISTSP80053r4SecurityControlSA91RiskAssessmentsOrganizationalApprovals and TIP_NISTSP80053r4SecurityControlSA93EstablishMaintainTrustRelationshipwithProviders and TIP_NISTSP80053r4SecurityControlSA94ConsistentInterestsofConsumersandProviders and TIP_NISTSP80053r4SecurityControlSA95ProcessingStorageandServiceLocation and TIP_NISTSP80053r4SecurityControlSA101SoftwareFirmwareIntegrityVerification and TIP_NISTSP80053r4SecurityControlSA102AlternativeConfigurationManagementProcesses and TIP_NISTSP80053r4SecurityControlSA103HardwareIntegrityVerification and TIP_NISTSP80053r4SecurityControlSA104TrustedGeneration and TIP_NISTSP80053r4SecurityControlSA105MappingIntegrityforVersionControl and TIP_NISTSP80053r4SecurityControlSA106TrustedDistribution and TIP_NISTSP80053r4SecurityControlSA111StaticCodeAnalysis and TIP_NISTSP80053r4SecurityControlSA112ThreatandVulnerabilityAnalyses and TIP_NISTSP80053r4SecurityControlSA113IndependentVerificationofAssessmentPlansEvidence and TIP_NISTSP80053r4SecurityControlSA114ManualCodeReviews and TIP_NISTSP80053r4SecurityControlSA115PenetrationTesting and TIP_NISTSP80053r4SecurityControlSA116AttackSurfaceReviews and TIP_NISTSP80053r4SecurityControlSA117VerifyScopeofTestingEvaluation and TIP_NISTSP80053r4SecurityControlSA118DynamicCodeAnalysis and TIP_NISTSP80053r4SecurityControlSA121AcquisitionStrategiesToolsMethods and TIP_NISTSP80053r4SecurityControlSA122SupplierReviews and TIP_NISTSP80053r4SecurityControlSA125LimitationofHarm and TIP_NISTSP80053r4SecurityControlSA127AssessmentsPriortoSelectionAcceptanceUpdate and TIP_NISTSP80053r4SecurityControlSA128UseofAllSourceIntelligence and TIP_NISTSP80053r4SecurityControlSA129OperationsSecurity and TIP_NISTSP80053r4SecurityControlSA1210ValidateasGenuineandNotAltered and TIP_NISTSP80053r4SecurityControlSA1211PenetrationTestingAnalysisofElementsProcessesandActors and TIP_NISTSP80053r4SecurityControlSA1212InterOrganizationalAgreements and TIP_NISTSP80053r4SecurityControlSA1213CriticalInformationSystemComponents and TIP_NISTSP80053r4SecurityControlSA1214IdentityandTraceability and TIP_NISTSP80053r4SecurityControlSA1215ProcessestoAddressWeaknessesorDeficiencies and TIP_NISTSP80053r4SecurityControlSA13Trustworthiness and TIP_NISTSP80053r4SecurityControlSA14CriticalityAnalysis and TIP_NISTSP80053r4SecurityControlSA151QualityMetrics and TIP_NISTSP80053r4SecurityControlSA152SecurityTrackingTools and TIP_NISTSP80053r4SecurityControlSA153CriticalityAnalysis and TIP_NISTSP80053r4SecurityControlSA154ThreatModelingVulnerabilityAnalysis and TIP_NISTSP80053r4SecurityControlSA155AttackSurfaceReduction and TIP_NISTSP80053r4SecurityControlSA156ContinuousImprovement and TIP_NISTSP80053r4SecurityControlSA157AutomatedVulnerabilityAnalysis and TIP_NISTSP80053r4SecurityControlSA158ReuseofThreatVulnerabilityInformation and TIP_NISTSP80053r4SecurityControlSA159UseofLiveData and TIP_NISTSP80053r4SecurityControlSA1510IncidentResponsePlan and TIP_NISTSP80053r4SecurityControlSA1511ArchiveInformationSystemComponent and TIP_NISTSP80053r4SecurityControlSA171FormalPolicyModel and TIP_NISTSP80053r4SecurityControlSA172SecurityRelevantComponents and TIP_NISTSP80053r4SecurityControlSA173FormalCorrespondence and TIP_NISTSP80053r4SecurityControlSA174InformalCorrespondence and TIP_NISTSP80053r4SecurityControlSA175ConceptuallySimpleDesign and TIP_NISTSP80053r4SecurityControlSA176StructureforTesting and TIP_NISTSP80053r4SecurityControlSA177StructureforLeastPrivilege and TIP_NISTSP80053r4SecurityControlSA18TamperResistanceandDetection and TIP_NISTSP80053r4SecurityControlSA181MultiplePhasesofSDLC and TIP_NISTSP80053r4SecurityControlSA182InspectionofInformationSystemsComponentsorDevices and TIP_NISTSP80053r4SecurityControlSA19ComponentAuthenticity and TIP_NISTSP80053r4SecurityControlSA191AntiCounterfeitTraining and TIP_NISTSP80053r4SecurityControlSA192ConfigurationControlforComponentServiceRepair and TIP_NISTSP80053r4SecurityControlSA193ComponentDisposal and TIP_NISTSP80053r4SecurityControlSA194AntiCounterfeitScanning and TIP_NISTSP80053r4SecurityControlSA20CustomizedDevelopmentofCriticalComponents and TIP_NISTSP80053r4SecurityControlSA21DeveloperScreening and TIP_NISTSP80053r4SecurityControlSA211ValidationofScreening and TIP_NISTSP80053r4SecurityControlSA22UnsupportedSystemComponents and TIP_NISTSP80053r4SecurityControlSA221AlternativeSourcesforContinuedSupport

References (68)

TIP NIST SP 800-53 r4 Security Control SA-4 (3): Development Methods / Techniques / Practices, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (3): Development Methods / Techniques / Practices.
ID	TIP_NISTSP80053r4SecurityControlSA43DevelopmentMethodsTechniquesPractices

TIP NIST SP 800-53 r4 Security Control SA-4 (5): System / Component / Service Configurations, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (5): System / Component / Service Configurations.
ID	TIP_NISTSP80053r4SecurityControlSA45SystemComponentServiceConfigurations

TIP NIST SP 800-53 r4 Security Control SA-4 (6): Use of Information Assurance Products, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (6): Use of Information Assurance Products.
ID	TIP_NISTSP80053r4SecurityControlSA46UseofInformationAssuranceProducts

TIP NIST SP 800-53 r4 Security Control SA-4 (7): NIAP-Approved Protection Profiles, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (7): NIAP-Approved Protection Profiles.
ID	TIP_NISTSP80053r4SecurityControlSA47NIAPApprovedProtectionProfiles

TIP NIST SP 800-53 r4 Security Control SA-4 (8): Continuous Monitoring Plan, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-4 (8): Continuous Monitoring Plan.
ID	TIP_NISTSP80053r4SecurityControlSA48ContinuousMonitoringPlan

TIP NIST SP 800-53 r4 Security Control SA-9 (1): Risk Assessments / Organizational Approvals, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-9 (1): Risk Assessments / Organizational Approvals.
ID	TIP_NISTSP80053r4SecurityControlSA91RiskAssessmentsOrganizationalApprovals

TIP NIST SP 800-53 r4 Security Control SA-9 (3): Establish / Maintain Trust Relationship with Providers, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-9 (3): Establish / Maintain Trust Relationship with Providers.
ID	TIP_NISTSP80053r4SecurityControlSA93EstablishMaintainTrustRelationshipwithProviders

TIP NIST SP 800-53 r4 Security Control SA-9 (4): Consistent Interests of Consumers and Providers, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-9 (4): Consistent Interests of Consumers and Providers.
ID	TIP_NISTSP80053r4SecurityControlSA94ConsistentInterestsofConsumersandProviders

TIP NIST SP 800-53 r4 Security Control SA-9 (5): Processing, Storage, and Service Location, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-9 (5): Processing, Storage, and Service Location.
ID	TIP_NISTSP80053r4SecurityControlSA95ProcessingStorageandServiceLocation

TIP NIST SP 800-53 r4 Security Control SA-10 (1): Software / Firmware Integrity Verification, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (1): Software / Firmware Integrity Verification.
ID	TIP_NISTSP80053r4SecurityControlSA101SoftwareFirmwareIntegrityVerification

TIP NIST SP 800-53 r4 Security Control SA-10 (2): Alternative Configuration Management Processes, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (2): Alternative Configuration Management Processes.
ID	TIP_NISTSP80053r4SecurityControlSA102AlternativeConfigurationManagementProcesses

TIP NIST SP 800-53 r4 Security Control SA-10 (3): Hardware Integrity Verification, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (3): Hardware Integrity Verification.
ID	TIP_NISTSP80053r4SecurityControlSA103HardwareIntegrityVerification

TIP NIST SP 800-53 r4 Security Control SA-10 (4): Trusted Generation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (4): Trusted Generation.
ID	TIP_NISTSP80053r4SecurityControlSA104TrustedGeneration

TIP NIST SP 800-53 r4 Security Control SA-10 (5): Mapping Integrity for Version Control, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (5): Mapping Integrity for Version Control.
ID	TIP_NISTSP80053r4SecurityControlSA105MappingIntegrityforVersionControl

TIP NIST SP 800-53 r4 Security Control SA-10 (6): Trusted Distribution, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10 (6): Trusted Distribution.
ID	TIP_NISTSP80053r4SecurityControlSA106TrustedDistribution

TIP NIST SP 800-53 r4 Security Control SA-11 (1): Static Code Analysis, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (1): Static Code Analysis.
ID	TIP_NISTSP80053r4SecurityControlSA111StaticCodeAnalysis

TIP NIST SP 800-53 r4 Security Control SA-11 (2): Threat and Vulnerability Analyses, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (2): Threat and Vulnerability Analyses.
ID	TIP_NISTSP80053r4SecurityControlSA112ThreatandVulnerabilityAnalyses

TIP NIST SP 800-53 r4 Security Control SA-11 (3): Independent Verification of Assessment Plans / Evidence, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (3): Independent Verification of Assessment Plans / Evidence.
ID	TIP_NISTSP80053r4SecurityControlSA113IndependentVerificationofAssessmentPlansEvidence

TIP NIST SP 800-53 r4 Security Control SA-11 (4): Manual Code Reviews, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (4): Manual Code Reviews.
ID	TIP_NISTSP80053r4SecurityControlSA114ManualCodeReviews

TIP NIST SP 800-53 r4 Security Control SA-11 (5): Penetration Testing, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (5): Penetration Testing.
ID	TIP_NISTSP80053r4SecurityControlSA115PenetrationTesting

TIP NIST SP 800-53 r4 Security Control SA-11 (6): Attack Surface Reviews, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (6): Attack Surface Reviews.
ID	TIP_NISTSP80053r4SecurityControlSA116AttackSurfaceReviews

TIP NIST SP 800-53 r4 Security Control SA-11 (7): Verify Scope of Testing / Evaluation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (7): Verify Scope of Testing / Evaluation.
ID	TIP_NISTSP80053r4SecurityControlSA117VerifyScopeofTestingEvaluation

TIP NIST SP 800-53 r4 Security Control SA-11 (8): Dynamic Code Analysis, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11 (8): Dynamic Code Analysis.
ID	TIP_NISTSP80053r4SecurityControlSA118DynamicCodeAnalysis

TIP NIST SP 800-53 r4 Security Control SA-12 (1): Acquisition Strategies / Tools / Methods, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (1): Acquisition Strategies / Tools / Methods.
ID	TIP_NISTSP80053r4SecurityControlSA121AcquisitionStrategiesToolsMethods

TIP NIST SP 800-53 r4 Security Control SA-12 (2): Supplier Reviews, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (2): Supplier Reviews.
ID	TIP_NISTSP80053r4SecurityControlSA122SupplierReviews

TIP NIST SP 800-53 r4 Security Control SA-12 (5): Limitation of Harm, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (5): Limitation of Harm.
ID	TIP_NISTSP80053r4SecurityControlSA125LimitationofHarm

TIP NIST SP 800-53 r4 Security Control SA-12 (7): Assessments Prior to Selection / Acceptance / Update, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (7): Assessments Prior to Selection / Acceptance / Update.
ID	TIP_NISTSP80053r4SecurityControlSA127AssessmentsPriortoSelectionAcceptanceUpdate

TIP NIST SP 800-53 r4 Security Control SA-12 (8): Use of All-Source Intelligence, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (8): Use of All-Source Intelligence.
ID	TIP_NISTSP80053r4SecurityControlSA128UseofAllSourceIntelligence

TIP NIST SP 800-53 r4 Security Control SA-12 (9): Operations Security, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (9): Operations Security.
ID	TIP_NISTSP80053r4SecurityControlSA129OperationsSecurity

TIP NIST SP 800-53 r4 Security Control SA-12 (10): Validate as Genuine and Not Altered, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (10): Validate as Genuine and Not Altered.
ID	TIP_NISTSP80053r4SecurityControlSA1210ValidateasGenuineandNotAltered

TIP NIST SP 800-53 r4 Security Control SA-12 (11): Penetration Testing / Analysis of Elements, Processes, and Actors, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (11): Penetration Testing / Analysis of Elements, Processes, and Actors.
ID	TIP_NISTSP80053r4SecurityControlSA1211PenetrationTestingAnalysisofElementsProcessesandActors

TIP NIST SP 800-53 r4 Security Control SA-12 (12): Inter-Organizational Agreements, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (12): Inter-Organizational Agreements.
ID	TIP_NISTSP80053r4SecurityControlSA1212InterOrganizationalAgreements

TIP NIST SP 800-53 r4 Security Control SA-12 (13): Critical Information System Components, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (13): Critical Information System Components.
ID	TIP_NISTSP80053r4SecurityControlSA1213CriticalInformationSystemComponents

TIP NIST SP 800-53 r4 Security Control SA-12 (14): Identity and Traceability, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (14): Identity and Traceability.
ID	TIP_NISTSP80053r4SecurityControlSA1214IdentityandTraceability

TIP NIST SP 800-53 r4 Security Control SA-12 (15): Processes to Address Weaknesses or Deficiencies, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-12 (15): Processes to Address Weaknesses or Deficiencies.
ID	TIP_NISTSP80053r4SecurityControlSA1215ProcessestoAddressWeaknessesorDeficiencies

TIP NIST SP 800-53 r4 Security Control SA-13: Trustworthiness, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-13: Trustworthiness.
ID	TIP_NISTSP80053r4SecurityControlSA13Trustworthiness

TIP NIST SP 800-53 r4 Security Control SA-14: Criticality Analysis, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-14: Criticality Analysis.
ID	TIP_NISTSP80053r4SecurityControlSA14CriticalityAnalysis

TIP NIST SP 800-53 r4 Security Control SA-15 (1): Quality Metrics, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (1): Quality Metrics.
ID	TIP_NISTSP80053r4SecurityControlSA151QualityMetrics

TIP NIST SP 800-53 r4 Security Control SA-15 (2): Security Tracking Tools, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (2): Security Tracking Tools.
ID	TIP_NISTSP80053r4SecurityControlSA152SecurityTrackingTools

TIP NIST SP 800-53 r4 Security Control SA-15 (3): Criticality Analysis, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (3): Criticality Analysis.
ID	TIP_NISTSP80053r4SecurityControlSA153CriticalityAnalysis

TIP NIST SP 800-53 r4 Security Control SA-15 (4): Threat Modeling / Vulnerability Analysis, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (4): Threat Modeling / Vulnerability Analysis.
ID	TIP_NISTSP80053r4SecurityControlSA154ThreatModelingVulnerabilityAnalysis

TIP NIST SP 800-53 r4 Security Control SA-15 (5): Attack Surface Reduction, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (5): Attack Surface Reduction.
ID	TIP_NISTSP80053r4SecurityControlSA155AttackSurfaceReduction

TIP NIST SP 800-53 r4 Security Control SA-15 (6): Continuous Improvement, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (6): Continuous Improvement.
ID	TIP_NISTSP80053r4SecurityControlSA156ContinuousImprovement

TIP NIST SP 800-53 r4 Security Control SA-15 (7): Automated Vulnerability Analysis, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (7): Automated Vulnerability Analysis.
ID	TIP_NISTSP80053r4SecurityControlSA157AutomatedVulnerabilityAnalysis

TIP NIST SP 800-53 r4 Security Control SA-15 (8): Reuse of Threat / Vulnerability Information, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (8): Reuse of Threat / Vulnerability Information.
ID	TIP_NISTSP80053r4SecurityControlSA158ReuseofThreatVulnerabilityInformation

TIP NIST SP 800-53 r4 Security Control SA-15 (9): Use of Live Data, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (9): Use of Live Data.
ID	TIP_NISTSP80053r4SecurityControlSA159UseofLiveData

TIP NIST SP 800-53 r4 Security Control SA-15 (10): Incident Response Plan, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (10): Incident Response Plan.
ID	TIP_NISTSP80053r4SecurityControlSA1510IncidentResponsePlan

TIP NIST SP 800-53 r4 Security Control SA-15 (11): Archive Information System / Component, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-15 (11): Archive Information System / Component.
ID	TIP_NISTSP80053r4SecurityControlSA1511ArchiveInformationSystemComponent

TIP NIST SP 800-53 r4 Security Control SA-17 (1): Formal Policy Model, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-17 (1): Formal Policy Model.
ID	TIP_NISTSP80053r4SecurityControlSA171FormalPolicyModel

TIP NIST SP 800-53 r4 Security Control SA-17 (2): Security-Relevant Components, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-17 (2): Security-Relevant Components.
ID	TIP_NISTSP80053r4SecurityControlSA172SecurityRelevantComponents

TIP NIST SP 800-53 r4 Security Control SA-17 (3): Formal Correspondence, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-17 (3): Formal Correspondence.
ID	TIP_NISTSP80053r4SecurityControlSA173FormalCorrespondence

TIP NIST SP 800-53 r4 Security Control SA-17 (4): Informal Correspondence, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-17 (4): Informal Correspondence.
ID	TIP_NISTSP80053r4SecurityControlSA174InformalCorrespondence

TIP NIST SP 800-53 r4 Security Control SA-17 (5): Conceptually Simple Design, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-17 (5): Conceptually Simple Design.
ID	TIP_NISTSP80053r4SecurityControlSA175ConceptuallySimpleDesign

TIP NIST SP 800-53 r4 Security Control SA-17 (6): Structure for Testing, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-17 (6): Structure for Testing.
ID	TIP_NISTSP80053r4SecurityControlSA176StructureforTesting

TIP NIST SP 800-53 r4 Security Control SA-17 (7): Structure for Least Privilege, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-17 (7): Structure for Least Privilege.
ID	TIP_NISTSP80053r4SecurityControlSA177StructureforLeastPrivilege

TIP NIST SP 800-53 r4 Security Control SA-18: Tamper Resistance and Detection, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-18: Tamper Resistance and Detection.
ID	TIP_NISTSP80053r4SecurityControlSA18TamperResistanceandDetection

TIP NIST SP 800-53 r4 Security Control SA-18 (1): Multiple Phases of SDLC, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-18 (1): Multiple Phases of SDLC.
ID	TIP_NISTSP80053r4SecurityControlSA181MultiplePhasesofSDLC

TIP NIST SP 800-53 r4 Security Control SA-18 (2): Inspection of Information Systems, Components, or Devices, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-18 (2): Inspection of Information Systems, Components, or Devices.
ID	TIP_NISTSP80053r4SecurityControlSA182InspectionofInformationSystemsComponentsorDevices

TIP NIST SP 800-53 r4 Security Control SA-19: Component Authenticity, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-19: Component Authenticity.
ID	TIP_NISTSP80053r4SecurityControlSA19ComponentAuthenticity

TIP NIST SP 800-53 r4 Security Control SA-19 (1): Anti-Counterfeit Training, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-19 (1): Anti-Counterfeit Training.
ID	TIP_NISTSP80053r4SecurityControlSA191AntiCounterfeitTraining

TIP NIST SP 800-53 r4 Security Control SA-19 (2): Configuration Control for Component Service / Repair, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-19 (2): Configuration Control for Component Service / Repair.
ID	TIP_NISTSP80053r4SecurityControlSA192ConfigurationControlforComponentServiceRepair

TIP NIST SP 800-53 r4 Security Control SA-19 (3): Component Disposal, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-19 (3): Component Disposal.
ID	TIP_NISTSP80053r4SecurityControlSA193ComponentDisposal

TIP NIST SP 800-53 r4 Security Control SA-19 (4): Anti-Counterfeit Scanning, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-19 (4): Anti-Counterfeit Scanning.
ID	TIP_NISTSP80053r4SecurityControlSA194AntiCounterfeitScanning

TIP NIST SP 800-53 r4 Security Control SA-20: Customized Development of Critical Components, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-20: Customized Development of Critical Components.
ID	TIP_NISTSP80053r4SecurityControlSA20CustomizedDevelopmentofCriticalComponents

TIP NIST SP 800-53 r4 Security Control SA-21: Developer Screening, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-21: Developer Screening.
ID	TIP_NISTSP80053r4SecurityControlSA21DeveloperScreening

TIP NIST SP 800-53 r4 Security Control SA-21 (1): Validation of Screening, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-21 (1): Validation of Screening.
ID	TIP_NISTSP80053r4SecurityControlSA211ValidationofScreening

TIP NIST SP 800-53 r4 Security Control SA-22: Unsupported System Components, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-22: Unsupported System Components.
ID	TIP_NISTSP80053r4SecurityControlSA22UnsupportedSystemComponents

TIP NIST SP 800-53 r4 Security Control SA-22 (1): Alternative Sources for Continued Support, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-22 (1): Alternative Sources for Continued Support.
ID	TIP_NISTSP80053r4SecurityControlSA221AlternativeSourcesforContinuedSupport

Sources (1)

SP800-53R4	NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.

Also available as XML or JSON