CISSP - Security Architecture and Engineering - Section 3.3

Select controls based upon systems security requirements.

Use Common Criteria evaluation assurance levels (EALs) and formal security requirements to guide control selection for a target system. Weigh the assurance level needed against cost and operational constraints so that selected controls are proportionate to the system's risk profile.

Examworthy is not affiliated with or endorsed by (ISC)2. Original, blueprint-aligned practice material only.