STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← All Controls

SA-3

System and Services AcquisitionRev 5

System Development Life Cycle

CCI Identifiers (16)

CCI-000615Manage the system using an organization-defined system development life cycle that incorporates information security considerations.CCI-000616Define and document information system security roles and responsibilities throughout the system development life cycle.CCI-000617The organization documents information system security roles and responsibilities throughout the system development life cycle.CCI-000618Identify individuals having information system security roles and responsibilities.CCI-003092Defines a system development life cycle that is used to manage the system.CCI-003093Integrate the organizational information security risk management process into system development life cycle activities.CCI-004669Acquire the system using an organization-defined system development life cycle that incorporates information security considerations.CCI-004670Acquire the system using an organization-defined system development life cycle that incorporates information privacy considerations.CCI-004671Develop the system using an organization-defined system development life cycle that incorporates information security considerations.CCI-004672Develop the system using an organization-defined system development life cycle that incorporates information privacy considerations.CCI-004673Manage the system using an organization-defined system development life cycle that incorporates information privacy considerations.CCI-004674Defines a system development life cycle that is used to develop the system.CCI-004675Defines a system development life cycle that is used to acquire the system.CCI-004676Define and document information system privacy roles and responsibilities throughout the system development life cycle.CCI-004677Identify individuals having information system privacy roles and responsibilities.CCI-004678Integrate the organizational information privacy risk management process into system development life cycle activities.

Linked STIG Checks (0)

No STIG checks reference this control.