Category: SA

RMF Control SA-10: Developer Configuration Management requires organizations to ensure that software and firmware components distributed to the organization are exactly as specified by the master copies. This is important…

RMF Control SA-5: System Documentation requires organizations to develop and maintain documentation for their information systems. This documentation should describe the information system, its components, and its security controls. Supplemental…