Which type of framework helps align application security practices within an organization?

The Organizational Normative Framework (ONF) is designed specifically to establish values, norms, and practices that guide how security is implemented within an organization. By aligning application security practices with the organization's overall mission and objectives, the ONF ensures that application security initiatives are consistent with organizational culture and strategic goals. This framework promotes a holistic view of security, considering both technical and human factors, and encourages a shared understanding of security responsibilities across various teams.

This alignment is crucial in fostering a security-centric mindset among employees and integrating security considerations into the software development lifecycle, thereby enhancing overall security posture. The ONF also facilitates communication about security practices, helping to break down silos within the organization and creating a cohesive approach to application security.