2.4.5.15
| Req No | Requirement | Compliance Class And Applicability | Primary Keyword | Secondary Keyword |
|---|---|---|---|---|
| 2.4.5.15 | The software must be architected to identify and ring fence sensitive software components, including cryptographic processes, to aid inspection, review and test. The access from other software components must be controlled and restricted to known and acceptable operations. For example security related processes should be executed at higher privilege levels in the application processor hardware. | Mandatory for Class 1 and above | Business | Process |