Determine the high-level information security and privacy requirements for the system or system service in mission and business process planning; Determine, document, and allocate the resources required to protect the system or system service as part of the organizational capital planning and investment control process; and Establish a discrete line item for information security and privacy in organizational programming and budgeting documentation.
Resource allocation for information security and privacy includes funding for system and services acquisition, sustainment, and supply chain-related risks throughout the system development life cycle.
the high-level information security requirements for the system or system service are determined in mission and business process planning; the high-level privacy requirements for the system or system service are determined in mission and business process planning; the resources required to protect the system or system service are determined and documented as part of the organizational capital planning and investment control process; the resources required to protect the system or system service are allocated as part of the organizational capital planning and investment control process; a discrete line item for information security is established in organizational programming and budgeting documentation; a discrete line item for privacy is established in organizational programming and budgeting documentation.
No cross-framework mappings available