PL-8
Information Security Architecture
Progress Bar
Progress Bar
Progress Bar
The organization:
a. Develops an information security architecture for the information system that:
- Describes the overall philosophy, requirements, and approach to be taken with regard to protecting the confidentiality, integrity, and availability of organizational information;
- Describes how the information security architecture is integrated into and supports the enterprise architecture; and
- Describes any information security assumptions about, and dependencies on, external services;
b. Reviews and updates the information security architecture
Assignment: organization-defined frequency] to reflect updates in the enterprise architecture
PL-8b Parameter Requirement: At least annually.
c. Ensures that planned information security architecture changes are reflected in the security plan, the security Concept of Operations (CONOPS), and organizational procurements/acquisitions.