PRM-05
Cybersecurity & Data Protection Requirements Definition
Description
Mechanisms exist to identify critical system components and functions by performing a criticality analysis for critical Technology Assets, Applications and/or Services (TAAS) at pre-defined decision points in the Secure Development Life Cycle (SDLC).
Control Question
Does the organization identify critical system components and functions by performing a criticality analysis for critical Technology Assets, Applications and/or Services (TAAS) at pre-defined decision points in the Secure Development Life Cycle (SDLC)?
Control Metadata
Domain:
Project & Resource Management
Validation Cadence:
Annual
Evidence Request List:
E-PRM-03
Framework Mappings
This control maps to the following compliance frameworks
MAS TRM
5.1.15.1.25.1.35.1.45.3.35.5.15.5.25.6.15.6.25.6.3