Update the system design, build, and implementation methodology to incorporate emerging standards.

CONTROL ID
07045

CONTROL TYPE
Establish/Maintain Documentation

CLASSIFICATION
Preventive

This Control directly supports the implied Control(s):

Establish, implement, and maintain a System Development Life Cycle program., CC ID: 11823

There are no implementation support Controls.

The system development methodology should be kept up-to-date to include new and emerging security standards and techniques (e.g., web services security, xml firewalls, data leakage protection, intrusion prevention, and Digital Rights Management). (CF.17.01.05d, The Standard of Good Practice for Information Security)
The system development methodology should be kept up-to-date to include new and emerging security standards and techniques (e.g., web services security, xml firewalls, data leakage protection, intrusion prevention, and Digital Rights Management). (CF.17.01.05d, The Standard of Good Practice for Information Security, 2013)
Guidelines on ethical use and design of AI and automated systems issued by government-related groups, regulators, standardization bodies, civil society, academia and industry associations. (§ 5.4.1 Table 2 Column 2 Row 2 Bullet 2, ISO/IEC 23894:2023, Information technology â Artificial intelligence â Guidance on risk management)
Domain-specific guidelines and frameworks related to AI. (§ 5.4.1 Table 2 Column 2 Row 2 Bullet 3, ISO/IEC 23894:2023, Information technology â Artificial intelligence â Guidance on risk management)
How current are existing systems. (App A Tier 1 Objectives and Procedures Objective 1:5 Bullet 2, FFIEC IT Examination Handbook - Retail Payment Systems, April 2016)