11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 11359
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 31980
13-05 Controls catalog SQL export 4114
AC-01 Access Control Policies and Procedures 21257
AC-02 Account Management 11676
AC-03 Access Enforcement 13786
AC-04 Information Flow Enforcement 12748
AC-05 Separation Of Duties 7962
AC-06 Least Privilege 7334
AC-07 Unsuccessful Login Attempts 6925
AC-08 System Use Notification 5825
AC-09 Previous Logon Notification 6201
AC-10 Concurrent Session Control 5507
AC-11 Session Lock 6133
AC-12 Session Termination 5621
AC-13 Supervision And Review -- Access Control 4713
AC-14 Permitted Actions Without Identification Or Authentication 4735
AC-15 Automated Marking 3635
AC-16 Automated Labeling 3320
AC-17 Remote Access 6176
AC-18 Wireless Access Restrictions 5443
AC-19 Access Control For Portable And Mobile Devices 5556
AC-20 Use Of External Information Systems 4579
AT-01 Security Awareness And Training Policy And Procedures 6883
AT-02 Security Awareness 6646
AT-03 Security Training 6356
AT-04 Security Training Records 4511
AT-05 Contacts With Security Groups And Associations 3472
AU-01 Audit And Accountability Policy And Procedures 6682
AU-02 Auditable Events 9380
AU-03 Content Of Audit Records 5470
AU-04 Audit Storage Capacity 4893
AU-05 Response To Audit Processing Failures 5824
AU-06 Audit Monitoring, Analysis, And Reporting 11883
AU-07 Audit Reduction And Report Generation 6449
AU-08 Time Stamps 4611
AU-09 Protection Of Audit Information 5887
AU-10 Non-Repudiation 7171
AU-11 Audit Record Retention 6721
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6301
CA-02 Security Assessments 7558
CA-03 Information System Connections 4648
CA-04 Security Certification 5639
CA-05 Plan Of Action And Milestones 4575
CA-06 Security Accreditation 4718
CA-07 Continuous Monitoring 7034
CM-01 Configuration Management Policy And Procedures 6752
CM-02 Baseline Configuration 7841
CM-03 Configuration Change Control 7093
CM-04 Monitoring Configuration Changes 4654
CM-05 Access Restrictions For Change 5536
CM-06 Configuration Settings 5722
CM-07 Least Functionality 7850
CM-08 Information System Component Inventory 5648
CP-01 Contingency Planning Policy And Procedures 4854
CP-02 Contingency Plan 4445
CP-03 Contingency Training 4064
CP-04 Contingency Plan Testing And Exercises 6336
CP-05 Contingency Plan Update 3803
CP-06 Alternate Storage Site 4179
CP-07 Alternate Processing Site 5147
CP-08 Telecommunications Services 2902
CP-09 Information System Backup 5966
CP-10 Information System Recovery And Reconstitution 5425
IA-01 Identification And Authentication Policy And Procedures 6695
IA-02 User Identification And Authentication 9847
IA-03 Device Identification And Authentication 7871
IA-04 Identifier Management 5466
IA-05 Authenticator Management 6945
IA-06 Authenticator Feedback 4662
IA-07 Cryptographic Module Authentication 7307
IR-01 Incident Response Policy And Procedures 4935
IR-02 Incident Response Training 4542
IR-03 Incident Response Testing And Exercises 6535
IR-04 Incident Handling 7721
IR-05 Incident Monitoring 4527
IR-06 Incident Reporting 4752
IR-07 Incident Response Assistance 4588
MA-01 System Maintenance Policy And Procedures 4805
MA-02 Controlled Maintenance 4867
MA-03 Maintenance Tools 4479
MA-04 Remote Maintenance 4623
MA-05 Maintenance Personnel 3820
MA-06 Timely Maintenance 4117
MP-01 Media Protection Policy And Procedures 5045
MP-02 Media Access 4673
MP-03 Media Labeling 3424
MP-04 Media Storage 3676
MP-05 Media Transport 3525
MP-06 Media Sanitization And Disposal 3773
PE-01 Physical And Environmental Protection Policy And Procedures 4293
PE-02 Physical Access Authorizations 3858
PE-03 Physical Access Control 4849
PE-04 Access Control For Transmission Medium 3466
PE-05 Access Control For Display Medium 3479
PE-06 Monitoring Physical Access 4405
PE-07 Visitor Control 2933
PE-08 Access Records 2706
PE-09 Power Equipment And Power Cabling 3597
PE-10 Emergency Shutoff 3479
PE-11 Emergency Power 3325
PE-12 Emergency Lighting 3250
PE-13 Fire Protection 3447
PE-14 Temperature And Humidity Controls 3452
PE-15 Water Damage Protection 3406
PE-16 Delivery And Removal 3292
PE-17 Alternate Work Site 2871
PE-18 Location Of Information System Components 2937
PE-19 Information Leakage 3353
PL-01 Security Planning Policy And Procedures 6533
PL-02 System Security Plan 4279
PL-03 System Security Plan Update 2673
PL-04 Rules Of Behavior 5176
PL-05 Privacy Impact Assessment 3679
PL-06 Security-Related Activity Planning 2896
PS-01 Personnel Security Policy And Procedures 4295
PS-02 Position Categorization 3112
PS-03 Personnel Screening 2968
PS-04 Personnel Termination 2802
PS-05 Personnel Transfer 2740
PS-06 Access Agreements 4431
PS-07 Third-Party Personnel Security 4171
PS-08 Personnel Sanctions 3071
RA-01 Risk Assessment Policy And Procedures 4795
RA-02 Security Categorization 6406
RA-03 Risk Assessment 6257
RA-04 Risk Assessment Update 4463
RA-05 Vulnerability Scanning 6515
SA-01 System And Services Acquisition Policy And Procedures 5522
SA-02 Allocation Of Resources 4831
SA-03 Life Cycle Support 5322
SA-04 Acquisitions 5109
SA-05 Information System Documentation 8561
SA-06 Software Usage Restrictions 4426
SA-07 User Installed Software 3942
SA-08 Security Engineering Principles 8329
SA-09 External Information System Services 5037
SA-10 Developer Configuration Management 4333
SA-11 Developer Security Testing 4463
SC-01 System And Communications Protection Policy And Procedures 5096
SC-02 Application Partitioning 5268
SC-03 Security Function Isolation 6453
SC-04 Information Remnance 7642
SC-05 Denial Of Service Protection 6205
SC-06 Resource Priority 4228
SC-07 Boundary Protection 9527
SC-08 Transmission Integrity 7276
SC-09 Transmission Confidentiality 7007
SC-10 Network Disconnect 4500
SC-11 Trusted Path 5276
SC-12 Cryptographic Key Establishment And Management 5627
SC-13 Use Of Cryptography 6353
SC-14 Public Access Protections 4105
SC-15 Collaborative Computing 5013
SC-16 Transmission Of Security Parameters 3209
SC-17 Public Key Infrastructure Certificates 3380
SC-18 Mobile Code 6328
SC-19 Voice Over Internet Protocol 3013
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5675
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3443
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3334
SC-23 Session Authenticity 6551
SI-01 System And Information Integrity Policy And Procedures 4901
SI-02 Flaw Remediation 7798
SI-03 Malicious Code Protection 8432
SI-04 Information System Monitoring Tools And Techniques 7197
SI-05 Security Alerts And Advisories 4667
SI-06 Security Functionality Verification 8422
SI-07 Software And Information Integrity 7672
SI-08 Spam Protection 3073
SI-09 Information Input Restrictions 3324
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8609
SI-11 Error Handling 4906
SI-12 Information Output Handling And Retention 3890