Require the developer of the system, system component, or system service to produce a design specification and security architecture that accurately and completely describes the required security functionality.
No STIG checks reference this CCI.