How many controls does CISA Secure by Design Principles have?

CISA Secure by Design Principles contains 21 controls organized across 4 domains.

Where does CISA Secure by Design Principles apply?

CISA Secure by Design Principles is applicable in International. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does CISA Secure by Design Principles map to?

CISA Secure by Design Principles has control-to-control mappings with 475 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with CISA Secure by Design Principles compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

CISA Secure by Design Principles

CISA's Secure by Design initiative establishes principles for technology manufacturers to build security into their products from the ground up, rather than relying on customers to implement security after deployment. The guidance calls on manufacturers to take ownership of customer security outcomes, embrace radical transparency, and build organizational structures that prioritize security.

Domains

Principle 2 — Embrace Radical Transparency

Principle 1 — Take Ownership of Customer Security Outcomes

Secure Development Practices

Principle 3 — Build Organizational Structure and Leadership

Frequently Asked Questions

Map CISA Secure by Design Principles to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform