PR.PS-06—Secure software development practices are integrated, and their performance is monitored throughout the software development life cycle
>Control Description
This platform security subcategory ensures that secure software development practices are integrated, and their performance is monitored throughout the software development life cycle. Key activities include: Protect all components of organization-developed software from tampering and unauthorized access; Secure all software produced by the organization, with minimal vulnerabilities in their releases; Maintain the software used in production environments, and securely dispose of software once it is no longer needed.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
AIS-04
AIS-06
AIS-07
DSP-07
IVS-06
CIS Controls v8.0
16.1
CIS Controls v8.1
16.1
CRI Profile v2.0
PR.PS-06
PR.PS-06.01
PR.PS-06.02
PR.PS-06.03
PR.PS-06.04
PR.PS-06.05
PR.PS-06.06
PR.PS-06.07
+3 more
CSF v1.1
PR.IP-2
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 8.25
Annex A Controls: 8.28
NICE Framework
DD-WRL-001
DD-WRL-002
DD-WRL-003
DD-WRL-005
DD-WRL-008
IO-WRL-005
OG-WRL-016
PD-WRL-004
PCI DSS
6.2.3
6.2.2
6.3.2
11.4.4
SCF
TDA-01
TDA-01.1
TDA-06
TDA-06.1
TDA-06.2
TDA-09
SP 800-171 Rev 3
03.16.01
SP 800-53 Rev 5.1.1
SA-03
SA-08
SA-10
SA-11
SA-15
SA-17
SP 800-53 Rev 5.2.0
SA-03
SA-08
SA-10
SA-11
SA-15
SA-15(13)
SA-17
SA-24
Ask AI
Configure your API key to use AI features.