CoreOS 4.x - System and Services Acquisition

Control responses for NIST 800-53 rev4.

NOTE: All CoreOS content is under active development through the ComplianceAsCode Project. Do not consider this content production ready!


Requirements Traceability Matrix

Control Name Status
SA-1 System And Services Acquisition Policy And Procedures

not applicable

SA-2 Allocation Of Resources

not applicable

SA-3 System Development Life Cycle

not applicable

SA-4 Acquisition Process

not applicable

SA-4 (1) Functional Properties Of Security Controls

planned

SA-4 (2) Design / Implementation Information For Security Controls

planned

SA-4 (3) Development Methods / Techniques / Practices

planned

SA-4 (4) Assignment Of Components To Systems

not applicable

SA-4 (5) System / Component / Service Configurations

planned

SA-4 (6) Use Of Information Assurance Products

planned

SA-4 (7) Niap-Approved Protection Profiles

planned

SA-4 (8) Continuous Monitoring Plan

planned

SA-4 (9) Functions / Ports / Protocols / Services In Use

planned

SA-4 (10) Use Of Approved Piv Products

not applicable

SA-5 Information System Documentation

not applicable

SA-5 (1) Functional Properties Of Security Controls

not applicable

SA-5 (2) Security-Relevant External System Interfaces

not applicable

SA-5 (3) High-Level Design

not applicable

SA-5 (4) Low-Level Design

not applicable

SA-5 (5) Source Code

not applicable

SA-6 Software Usage Restrictions

not applicable

SA-7 User-Installed Software