TDA-02 ยท Minimum Viable Product (MVP) Security Requirements

Control Description

Mechanisms exist to design, develop and produce Technology Assets, Applications and/or Services (TAAS) in such a way that risk-based technical and functional specifications ensure Minimum Viable Product (MVP) criteria establish an appropriate level of security and resiliency based on applicable risks and threats.

Control Question
Assessment question for control validation

Does the organization design, develop and produce Technology Assets, Applications and/or Services (TAAS) in such a way that risk-based technical and functional specifications ensure Minimum Viable Product (MVP) criteria establish an appropriate level of security and resiliency based on applicable risks and threats?

Control Weighting
9
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 1 - Strategic
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: TDA-02
ESP Level 1: TDA-02
ESP Level 2: TDA-02
ESP Level 3: TDA-02
Additional Metadata
Applicability (Process):
x
Errata & Additional Notes

- wordsmithed control