The college shall ensure that all applications developed adhere to secure coding principles as outlined in NIST 800-53r5 controls to mitigate cyber risks and protect sensitive information from unauthorized access or modification.

The college shall ensure that third-party management controls are implemented as part of the cybersecurity governance framework to mitigate risks associated with vendors and external service providers.