How Can We Help?
Process of capturing and refining information protection requirements to ensure their integration into information systems acquisition and information systems development through purposeful security design or configuration.
SOURCE: CNSSI-4009
Process that captures and refines information security requirements and ensures their integration into information technology component products and information systems through purposeful security design or configuration.
SOURCE: SP 800-37
