Acquisition, Development, And Installation Controls

Acquisition, Development, And Installation Controls definition in Computer Security terms:

Acronym(s): None

Definition(s): The process of assuring that adequate controls are considered, evaluated, selected, designed and built into the system during its early planning and development stages and that an on-going process is established to ensure continued operation at an acceptable level of risk during the installation, implementation and operation stages.
Source(s): NIST SP 800-16

Synonym(s): None

 

reference: CSRC Glossary