Select and Implement Security Controls

  • Use NIST SP 800-53 as the control baseline, selecting appropriate technical, management, and operational controls.

  • Integrate controls into system design using secure engineering principles from SP 800-160.

  • Key controls include:

    • Zero Trust Architecture (ZTA)

    • Encryption and key management

    • Access control and authentication (MFA)

    • Smart contract integrity checks

    • AI governance with bias mitigation and explainability

  • References:

PreviousCategorise Information and SystemsNextAssess Control Effectiveness

Last updated