Develop security and privacy architectures for the system that: Describe the requirements and approach to be taken for protecting the confidentiality, integrity, and availability of organizational information; Describe the requirements and approach to be taken for processing personally identifiable information to minimize privacy risk to individuals; Describe how the architectures are integrated into and support the enterprise architecture; and Describe any assumptions about, and dependencies on, external systems and services; Review and update the architectures {{ insert: param, pl-08_odp }} to reflect changes in the enterprise architecture; and Reflect planned architecture changes in security and privacy plans, Concept of Operations (CONOPS), criticality analysis, organizational procedures, and procurements and acquisitions.

Design the security and privacy architectures for the system using a defense-in-depth approach that: Allocates {{ insert: param, pl-08.01_odp.01 }} to {{ insert: param, pl-08.01_odp.02 }} ; and Ensures that the allocated controls operate in a coordinated and mutually reinforcing manner.

Require that {{ insert: param, pl-08.02_odp.01 }} allocated to {{ insert: param, pl-08.02_odp.02 }} are obtained from different suppliers.