Principles in this category focus on ensuring only authorized users and systems have access to resources, mitigating unauthorized activities, and enhancing overall system security.

 

• ISAU-RP-01 Least Privilege: Scenario: Managing a breach due to excessive permissions.

• ISAU-RP-02 Zero Trust: Scenario: Secure remote work environment configuration.

• ISAU-RP-03 Complete Mediation: Scenario: Ensuring continuous authorization to sensitive databases.

​

Explore Access Control Scenarios on our ISAU YouTube Channel.

These principles emphasize building security directly into system designs, minimizing vulnerabilities, and creating robust, resilient architectures.

​

• ISAU-RP-04 Defense in Depth: Scenario: Preventing multi-stage ransomware attacks.

• ISAU-RP-05 Secure by Design: Scenario: Integrating security in agile software development.

• ISAU-RP-06 Minimize Attack Surface: Scenario: Reducing vulnerabilities in cloud deployments.

• ISAU-RP-07 Economy of Mechanism: Scenario: Simplifying complex systems to enhance security.

• ISAU-RP-08 Open Design: Scenario: Ensuring security without relying on secrecy.

• ISAU-RP-09 Fail-Safe Defaults: Scenario: Maintaining secure defaults after a system crash.

• ISAU-RP-10 Secure Defaults: Scenario: Configuring new applications securely from day one.​​

Governance and policy principles guide organizations in embedding security within their practices, processes, and development cycles to foster proactive risk management.

​

• ISAU-RP-11 Separation of Duties: Scenario: Avoiding fraud through clearly divided roles.

• ISAU-RP-12 Security as Code: Scenario: Automating security checks within CI/CD pipelines.

• ISAU-RP-13 Plan Security Readiness: Scenario: Preparing incident response plans proactively.

These principles focus on enhancing the ability of systems to withstand, quickly recover from, and learn from security incidents and disruptions.

​

• ISAU-RP-14 Resilience & Recovery: Scenario: Quickly recovering from a major DDoS attack.

• ISAU-RP-15 Evidence Production: Scenario: Using logging effectively during forensic analysis.

• ISAU-RP-16 Make Compromise Detection Easier: Scenario: Enhancing detection of advanced persistent threats.

Principles in this category address protecting data through robust encryption methods, ensuring confidentiality, integrity, and availability under all conditions.

​

• ISAU-RP-17 Cryptographic Agility: Scenario: Rapid response to compromised cryptographic algorithms.

• ISAU-RP-18 Protect Confidentiality: Scenario: Securing sensitive customer data in transit and at rest.

• ISAU-RP-19 Protect Integrity: Scenario: Preventing data tampering in critical systems.

• ISAU-RP-20 Protect Availability: Scenario: Ensuring service availability during high-traffic events.