https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-pl-8_-information-security-architecture/4/NIST SP 800-53 r4 Security Control PL-8: Information Security Architecture4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control PL-8: Information Security Architecture. Applicable to MODERATE impact and HIGH impact systems.2021-04-26T00:00:00.000ZfalseThis document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.https://trustmarkinitiative.org/TMIPRIMARYhelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/800-53HighInformation Security ArchitectureModerateNISTP1PlanningSecurityhttps://artifacts.trustmarkinitiative.org/lib/tds/information-security-architecture-integrated-with-enterprise-architecture/1.0/1Information Security Architecture Integrated With Enterprise Architecture1.0Defines conformance and assessment criteria for verifying that an organization develops an information security architecture for the information system that describes how the information security architecture is integrated into and supports the enterprise architecture.https://artifacts.trustmarkinitiative.org/lib/tds/information-security-architecture---review-and-update/1.0/2Information Security Architecture - Review and Update1.0Defines conformance and assessment criteria for verifying that an organization reviews and updates the information security architecture at an organization-defined frequency to reflect updates in the enterprise architecture.https://artifacts.trustmarkinitiative.org/lib/tds/information-security-architecture---approach/1.0/3Information Security Architecture - Approach1.0Defines conformance and assessment criteria for verifying that an organization develops an information security architecture for the information system that describes the overall philosophy, requirements, and approach to be taken with regard to protecting the confidentiality, integrity, and availability of organizational information.https://artifacts.trustmarkinitiative.org/lib/tds/information-security-architecture---security-plan/1.0/4Information Security Architecture - Security Plan1.0Defines conformance and assessment criteria for verifying that an organization ensures that planned information security architecture changes are reflected in the security plan.https://artifacts.trustmarkinitiative.org/lib/tds/information-security-architecture---organizational-procurement/1.0/5Information Security Architecture - Organizational Procurement1.0Defines conformance and assessment criteria for verifying that an organization ensures that planned information security architecture changes are reflected in organizational procurements/acquisitions.https://artifacts.trustmarkinitiative.org/lib/tds/information-security-architecture---security-conops/1.0/6Information Security Architecture - Security CONOPS1.0Defines conformance and assessment criteria for verifying that an organization ensures that planned information security architecture changes are reflected in the security Concept of Operations (CONOPS).https://artifacts.trustmarkinitiative.org/lib/tds/information-security-architecture-addresses-external-services/1.0/7Information Security Architecture Addresses External Services1.0Defines conformance and assessment criteria for verifying that an organization develops an information security architecture for the information system that describes any information security assumptions about, and dependencies on, external services.SP800-53R4NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at <a href="http://dx.doi.org/10.6028/NIST.SP.800-53r4">http://dx.doi.org/10.6028/NIST.SP.800-53r4</a>.