This Tactical Tier control triangle seeks to design the interfaces between systems, applications, and users, ensuring they meet specific solution requirements and align with the organisation’s overall Business Architecture and Design principles.

This control rolls down from the Deliver Solution Domain and cascades into: 2.1.3.1- User Interface, 2.1.3.2-Database Interface, and 2.1.3.3-Application Interface controls.

---

Control Mappings:
Cobit:2019 ➡️ BAI02; BAI02.01; BAI03; BAI03.02
ITIL:v4 ➡️ SM27; TM34
CIS:v8 ➡️ Application Software Security; Apply Secure Design Principles in Application Architectures; Conduct Threat Modeling