eGRACS Software Design Controls Triangle
This Tactical Tier control triangle seeks to design the software applications that fulfill specific solution requirements, ensuring they are aligned with the organisation's overall Technology Architecture and Design principles.
This control rolls down from the Deliver Solution Domain and cascades into the 2.1.2.1-Server Design, 2.1.2.2-Client Design, and 2.1.2.3-Mobile Design controls.
Control Mappings:
Cobit:2019 ➡️ BAI02; BAI02.01; BAI03; BAI03.01
PCI:DSSv4.01 ➡️ 6; 6.1; 6.2.1; 10; 10.6; 10.6.1; 10.6.2
GDPR:2024 ➡️ Art.22; Art.25
ITIL:v4 ➡️ SM27; TM34
CIS:v8 ➡️ Application Software Security; Apply Secure Design Principles in Application Architectures; Conduct Threat Modeling