Implement and test ()

Recommended Security Control (SA&A process)
Security Capability

Implement the recommended security controls and test the security capabilities