14.2.6 Integrate applicable information security requirements, controls, processes, and procedures into IT system and application design specifications in accordance with established standards, policies, procedures, guidelines, directives, regulations, and laws (statutes).