11.02 Control Catalog

Title Hits
13-05 All Controls 15383
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1) 41160
13-05 Controls catalog SQL export 5325
AC-01 Access Control Policies and Procedures 26862
AC-02 Account Management 15239
AC-03 Access Enforcement 17914
AC-04 Information Flow Enforcement 16735
AC-05 Separation Of Duties 10142
AC-06 Least Privilege 9894
AC-07 Unsuccessful Login Attempts 9190
AC-08 System Use Notification 7599
AC-09 Previous Logon Notification 7684
AC-10 Concurrent Session Control 7242
AC-11 Session Lock 8229
AC-12 Session Termination 7781
AC-13 Supervision And Review -- Access Control 6040
AC-14 Permitted Actions Without Identification Or Authentication 5865
AC-15 Automated Marking 4776
AC-16 Automated Labeling 4247
AC-17 Remote Access 8428
AC-18 Wireless Access Restrictions 7488
AC-19 Access Control For Portable And Mobile Devices 7376
AC-20 Use Of External Information Systems 6745
AT-01 Security Awareness And Training Policy And Procedures 9084
AT-02 Security Awareness 8574
AT-03 Security Training 8390
AT-04 Security Training Records 5752
AT-05 Contacts With Security Groups And Associations 4622
AU-01 Audit And Accountability Policy And Procedures 9037
AU-02 Auditable Events 12499
AU-03 Content Of Audit Records 7246
AU-04 Audit Storage Capacity 6427
AU-05 Response To Audit Processing Failures 7850
AU-06 Audit Monitoring, Analysis, And Reporting 15204
AU-07 Audit Reduction And Report Generation 8355
AU-08 Time Stamps 6116
AU-09 Protection Of Audit Information 7851
AU-10 Non-Repudiation 8843
AU-11 Audit Record Retention 8209
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 8076
CA-02 Security Assessments 10171
CA-03 Information System Connections 6218
CA-04 Security Certification 7386
CA-05 Plan Of Action And Milestones 5932
CA-06 Security Accreditation 6070
CA-07 Continuous Monitoring 9397
CM-01 Configuration Management Policy And Procedures 8560
CM-02 Baseline Configuration 10060
CM-03 Configuration Change Control 9192
CM-04 Monitoring Configuration Changes 6137
CM-05 Access Restrictions For Change 7210
CM-06 Configuration Settings 7377
CM-07 Least Functionality 10286
CM-08 Information System Component Inventory 7477
CP-01 Contingency Planning Policy And Procedures 6521
CP-02 Contingency Plan 5968
CP-03 Contingency Training 5257
CP-04 Contingency Plan Testing And Exercises 8418
CP-05 Contingency Plan Update 4905
CP-06 Alternate Storage Site 5499
CP-07 Alternate Processing Site 6760
CP-08 Telecommunications Services 3786
CP-09 Information System Backup 8074
CP-10 Information System Recovery And Reconstitution 7252
IA-01 Identification And Authentication Policy And Procedures 8891
IA-02 User Identification And Authentication 13142
IA-03 Device Identification And Authentication 10356
IA-04 Identifier Management 7215
IA-05 Authenticator Management 9067
IA-06 Authenticator Feedback 6151
IA-07 Cryptographic Module Authentication 9505
IR-01 Incident Response Policy And Procedures 6787
IR-02 Incident Response Training 5907
IR-03 Incident Response Testing And Exercises 8106
IR-04 Incident Handling 10345
IR-05 Incident Monitoring 5987
IR-06 Incident Reporting 6137
IR-07 Incident Response Assistance 5989
MA-01 System Maintenance Policy And Procedures 6186
MA-02 Controlled Maintenance 6222
MA-03 Maintenance Tools 5902
MA-04 Remote Maintenance 6259
MA-05 Maintenance Personnel 4914
MA-06 Timely Maintenance 5332
MP-01 Media Protection Policy And Procedures 6372
MP-02 Media Access 6110
MP-03 Media Labeling 4461
MP-04 Media Storage 4690
MP-05 Media Transport 4654
MP-06 Media Sanitization And Disposal 5050
PE-01 Physical And Environmental Protection Policy And Procedures 5609
PE-02 Physical Access Authorizations 5088
PE-03 Physical Access Control 6509
PE-04 Access Control For Transmission Medium 4725
PE-05 Access Control For Display Medium 4517
PE-06 Monitoring Physical Access 5783
PE-07 Visitor Control 3871
PE-08 Access Records 3579
PE-09 Power Equipment And Power Cabling 4689
PE-10 Emergency Shutoff 4537
PE-11 Emergency Power 4292
PE-12 Emergency Lighting 4235
PE-13 Fire Protection 4461
PE-14 Temperature And Humidity Controls 4420
PE-15 Water Damage Protection 4395
PE-16 Delivery And Removal 4294
PE-17 Alternate Work Site 3739
PE-18 Location Of Information System Components 3805
PE-19 Information Leakage 4364
PL-01 Security Planning Policy And Procedures 8391
PL-02 System Security Plan 5626
PL-03 System Security Plan Update 3388
PL-04 Rules Of Behavior 6655
PL-05 Privacy Impact Assessment 4573
PL-06 Security-Related Activity Planning 3772
PS-01 Personnel Security Policy And Procedures 5617
PS-02 Position Categorization 4055
PS-03 Personnel Screening 3924
PS-04 Personnel Termination 3575
PS-05 Personnel Transfer 3482
PS-06 Access Agreements 5770
PS-07 Third-Party Personnel Security 5565
PS-08 Personnel Sanctions 4259
RA-01 Risk Assessment Policy And Procedures 6344
RA-02 Security Categorization 7989
RA-03 Risk Assessment 8478
RA-04 Risk Assessment Update 5708
RA-05 Vulnerability Scanning 8937
SA-01 System And Services Acquisition Policy And Procedures 7235
SA-02 Allocation Of Resources 6153
SA-03 Life Cycle Support 7001
SA-04 Acquisitions 6677
SA-05 Information System Documentation 11228
SA-06 Software Usage Restrictions 5739
SA-07 User Installed Software 5311
SA-08 Security Engineering Principles 10245
SA-09 External Information System Services 6747
SA-10 Developer Configuration Management 5841
SA-11 Developer Security Testing 5706
SC-01 System And Communications Protection Policy And Procedures 6813
SC-02 Application Partitioning 7055
SC-03 Security Function Isolation 8606
SC-04 Information Remnance 9484
SC-05 Denial Of Service Protection 8246
SC-06 Resource Priority 5518
SC-07 Boundary Protection 13168
SC-08 Transmission Integrity 9508
SC-09 Transmission Confidentiality 9254
SC-10 Network Disconnect 5960
SC-11 Trusted Path 6948
SC-12 Cryptographic Key Establishment And Management 7640
SC-13 Use Of Cryptography 8398
SC-14 Public Access Protections 5219
SC-15 Collaborative Computing 6483
SC-16 Transmission Of Security Parameters 4122
SC-17 Public Key Infrastructure Certificates 4413
SC-18 Mobile Code 8172
SC-19 Voice Over Internet Protocol 3866
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 7407
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4600
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4396
SC-23 Session Authenticity 8801
SI-01 System And Information Integrity Policy And Procedures 6138
SI-02 Flaw Remediation 10485
SI-03 Malicious Code Protection 11096
SI-04 Information System Monitoring Tools And Techniques 11065
SI-05 Security Alerts And Advisories 6143
SI-06 Security Functionality Verification 10354
SI-07 Software And Information Integrity 9472
SI-08 Spam Protection 4076
SI-09 Information Input Restrictions 4343
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 10268
SI-11 Error Handling 6380
SI-12 Information Output Handling And Retention 5134