P.1 Develop security requirements

The development of software-related objectives and expectations to protect the service and data at the core of the application.

Controls

P.1.1 Product security requirements

Identify and document security requirements for organization-developed software, including AI models

P.1.2 Software release integrity

Provide software acquirers assurance that the software they acquire is legitimate and has not been tampered with.