>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

PL-7Security Concepts Of Operation

PBMM (P1)
Secret (P1)
Management

>Control Description

(A) The organization develops a security Concept of Operations (CONOPS) for the information system containing at a minimum, how the organization intends to operate the system from the perspective of information security. (B) The organization Reviews and updates the CONOPS organization-defined frequency.

>Supplemental Guidance

The security CONOPS may be included in the security plan for the information system or in other system development life cycle-related documents, as appropriate. Changes to the CONOPS are reflected in ongoing updates to the security plan, the information security architecture, and other appropriate organizational documents (e.g., security specifications for procurements/acquisitions, system development life cycle documents and systems/security engineering documents). Related control: PL-2

>Profile-Specific Parameters

(B) frequency [at a period no longer than every 3 years or whenever a significant system change occurs]

Ask AI

Configure your API key to use AI features.