Require the developer of the system, system component, or system service to follow a documented development process that explicitly addresses privacy requirements.
No STIG checks reference this CCI.