SA-03 Life Cycle Support
Control: The organization manages the information system using a system development life cycle methodology that includes information security considerations.
Supplemental Guidance: NIST Special Publication 800-64 provides guidance on security considerations in the system development life cycle.
Control Enhancements: (0) None.
Baseline: LOW SA-3 MOD SA-3 HIGH SA-3
Family: System And Services Acquisition
ISO 17799 mapping: None.
COBIT 4.1 mapping: PO8.3, AI2.7
PCI-DSS v2 mapping: 6.3