Require that the developer of [Assignment: organization-defined system, system component, or system service]: a. Has appropriate access authorizations as determined by assigned [Assignment: organization-defined official government duties]; and b. Satisfies the following additional personnel screening criteria: [Assignment: organization-defined additional personnel screening criteria].
ID | Name | Description | D3FEND |
ID | Description |
Requirement | Rationale/Additional Guidance/Notes |
---|---|
The [organization] shall describe the process used to ensure that development team members working on the spacecrafts have appropriate access authorizations and satisfy [organization] defined screening that commensurate with increasing level of risk and responsibility for access to, or use of, different levels of sensitive information.{SA-21} |
ID | Name | Description |
---|