SEA-01
Secure Engineering Principles
Description
Mechanisms exist to facilitate the implementation of industry-recognized cybersecurity and data protection practices in the specification, design, development, implementation and modification of Technology Assets, Applications and/or Services (TAAS).
Control Question
Does the organization facilitate the implementation of industry-recognized cybersecurity and data protection practices in the specification, design, development, implementation and modification of Technology Assets, Applications and/or Services (TAAS)?
Control Metadata
Domain:
Secure Engineering & Architecture
Validation Cadence:
Annual
Evidence Request List:
E-TDA-01 E-TDA-02 E-TDA-04 E-TDA-08 E-TDA-09
Framework Mappings
This control maps to the following compliance frameworks
APRA CPS234
1518
MAS TRM
5.6.15.6.25.6.311.2.8
HKIA GL20
3.13.23.33.4