The RFC needs to expand and organize the different transparency aspects: process, documentation, code and people. This needs to play into well-communicated architecture planning. Since many of the OWASP Top 10 and general CWEs are issues with consistently applying architecture, there may need to be a stand-alone tenet that expresses the need for Well Communicated and Applied Architecture, perhaps with a succinct title.