The key design, architectural, and implementation choices made by organizations to satisfy specified security requirements for systems or system components.

Source: NIST SP 800-172A | Category: