11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 15033
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 40232
13-05 Controls catalog SQL export 5218
AC-01 Access Control Policies and Procedures 26340
AC-02 Account Management 14890
AC-03 Access Enforcement 17502
AC-04 Information Flow Enforcement 16338
AC-05 Separation Of Duties 9910
AC-06 Least Privilege 9662
AC-07 Unsuccessful Login Attempts 8974
AC-08 System Use Notification 7430
AC-09 Previous Logon Notification 7533
AC-10 Concurrent Session Control 7090
AC-11 Session Lock 8057
AC-12 Session Termination 7607
AC-13 Supervision And Review -- Access Control 5915
AC-14 Permitted Actions Without Identification Or Authentication 5766
AC-15 Automated Marking 4676
AC-16 Automated Labeling 4166
AC-17 Remote Access 8157
AC-18 Wireless Access Restrictions 7289
AC-19 Access Control For Portable And Mobile Devices 7180
AC-20 Use Of External Information Systems 6533
AT-01 Security Awareness And Training Policy And Procedures 8873
AT-02 Security Awareness 8393
AT-03 Security Training 8170
AT-04 Security Training Records 5650
AT-05 Contacts With Security Groups And Associations 4506
AU-01 Audit And Accountability Policy And Procedures 8807
AU-02 Auditable Events 12207
AU-03 Content Of Audit Records 7092
AU-04 Audit Storage Capacity 6292
AU-05 Response To Audit Processing Failures 7602
AU-06 Audit Monitoring, Analysis, And Reporting 14909
AU-07 Audit Reduction And Report Generation 8160
AU-08 Time Stamps 5962
AU-09 Protection Of Audit Information 7671
AU-10 Non-Repudiation 8692
AU-11 Audit Record Retention 8060
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 7893
CA-02 Security Assessments 9937
CA-03 Information System Connections 6087
CA-04 Security Certification 7233
CA-05 Plan Of Action And Milestones 5793
CA-06 Security Accreditation 5942
CA-07 Continuous Monitoring 9031
CM-01 Configuration Management Policy And Procedures 8389
CM-02 Baseline Configuration 9841
CM-03 Configuration Change Control 8974
CM-04 Monitoring Configuration Changes 5986
CM-05 Access Restrictions For Change 7036
CM-06 Configuration Settings 7232
CM-07 Least Functionality 10040
CM-08 Information System Component Inventory 7270
CP-01 Contingency Planning Policy And Procedures 6375
CP-02 Contingency Plan 5815
CP-03 Contingency Training 5151
CP-04 Contingency Plan Testing And Exercises 8242
CP-05 Contingency Plan Update 4809
CP-06 Alternate Storage Site 5394
CP-07 Alternate Processing Site 6604
CP-08 Telecommunications Services 3711
CP-09 Information System Backup 7881
CP-10 Information System Recovery And Reconstitution 7074
IA-01 Identification And Authentication Policy And Procedures 8696
IA-02 User Identification And Authentication 12836
IA-03 Device Identification And Authentication 10105
IA-04 Identifier Management 7022
IA-05 Authenticator Management 8775
IA-06 Authenticator Feedback 6020
IA-07 Cryptographic Module Authentication 9279
IR-01 Incident Response Policy And Procedures 6632
IR-02 Incident Response Training 5776
IR-03 Incident Response Testing And Exercises 7944
IR-04 Incident Handling 9950
IR-05 Incident Monitoring 5839
IR-06 Incident Reporting 6006
IR-07 Incident Response Assistance 5844
MA-01 System Maintenance Policy And Procedures 6065
MA-02 Controlled Maintenance 6085
MA-03 Maintenance Tools 5796
MA-04 Remote Maintenance 6083
MA-05 Maintenance Personnel 4808
MA-06 Timely Maintenance 5205
MP-01 Media Protection Policy And Procedures 6233
MP-02 Media Access 5986
MP-03 Media Labeling 4351
MP-04 Media Storage 4601
MP-05 Media Transport 4543
MP-06 Media Sanitization And Disposal 4939
PE-01 Physical And Environmental Protection Policy And Procedures 5473
PE-02 Physical Access Authorizations 4978
PE-03 Physical Access Control 6363
PE-04 Access Control For Transmission Medium 4594
PE-05 Access Control For Display Medium 4423
PE-06 Monitoring Physical Access 5628
PE-07 Visitor Control 3776
PE-08 Access Records 3490
PE-09 Power Equipment And Power Cabling 4590
PE-10 Emergency Shutoff 4439
PE-11 Emergency Power 4200
PE-12 Emergency Lighting 4136
PE-13 Fire Protection 4370
PE-14 Temperature And Humidity Controls 4322
PE-15 Water Damage Protection 4296
PE-16 Delivery And Removal 4195
PE-17 Alternate Work Site 3649
PE-18 Location Of Information System Components 3722
PE-19 Information Leakage 4275
PL-01 Security Planning Policy And Procedures 8226
PL-02 System Security Plan 5503
PL-03 System Security Plan Update 3326
PL-04 Rules Of Behavior 6499
PL-05 Privacy Impact Assessment 4499
PL-06 Security-Related Activity Planning 3687
PS-01 Personnel Security Policy And Procedures 5493
PS-02 Position Categorization 3967
PS-03 Personnel Screening 3833
PS-04 Personnel Termination 3511
PS-05 Personnel Transfer 3412
PS-06 Access Agreements 5625
PS-07 Third-Party Personnel Security 5433
PS-08 Personnel Sanctions 4162
RA-01 Risk Assessment Policy And Procedures 6213
RA-02 Security Categorization 7822
RA-03 Risk Assessment 8264
RA-04 Risk Assessment Update 5598
RA-05 Vulnerability Scanning 8705
SA-01 System And Services Acquisition Policy And Procedures 7062
SA-02 Allocation Of Resources 6016
SA-03 Life Cycle Support 6820
SA-04 Acquisitions 6526
SA-05 Information System Documentation 11008
SA-06 Software Usage Restrictions 5626
SA-07 User Installed Software 5154
SA-08 Security Engineering Principles 10031
SA-09 External Information System Services 6590
SA-10 Developer Configuration Management 5707
SA-11 Developer Security Testing 5584
SC-01 System And Communications Protection Policy And Procedures 6666
SC-02 Application Partitioning 6893
SC-03 Security Function Isolation 8429
SC-04 Information Remnance 9334
SC-05 Denial Of Service Protection 8062
SC-06 Resource Priority 5402
SC-07 Boundary Protection 12820
SC-08 Transmission Integrity 9286
SC-09 Transmission Confidentiality 9035
SC-10 Network Disconnect 5823
SC-11 Trusted Path 6785
SC-12 Cryptographic Key Establishment And Management 7452
SC-13 Use Of Cryptography 8197
SC-14 Public Access Protections 5120
SC-15 Collaborative Computing 6337
SC-16 Transmission Of Security Parameters 4047
SC-17 Public Key Infrastructure Certificates 4322
SC-18 Mobile Code 7995
SC-19 Voice Over Internet Protocol 3790
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 7242
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4514
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4296
SC-23 Session Authenticity 8567
SI-01 System And Information Integrity Policy And Procedures 6022
SI-02 Flaw Remediation 10233
SI-03 Malicious Code Protection 10821
SI-04 Information System Monitoring Tools And Techniques 10724
SI-05 Security Alerts And Advisories 5994
SI-06 Security Functionality Verification 10178
SI-07 Software And Information Integrity 9296
SI-08 Spam Protection 3984
SI-09 Information Input Restrictions 4262
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 10128
SI-11 Error Handling 6246
SI-12 Information Output Handling And Retention 5005