11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 9840
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 28704
13-05 Controls catalog SQL export 3705
AC-01 Access Control Policies and Procedures 19005
AC-02 Account Management 10481
AC-03 Access Enforcement 10754
AC-04 Information Flow Enforcement 11518
AC-05 Separation Of Duties 6717
AC-06 Least Privilege 6551
AC-07 Unsuccessful Login Attempts 6207
AC-08 System Use Notification 5250
AC-09 Previous Logon Notification 5739
AC-10 Concurrent Session Control 4955
AC-11 Session Lock 5446
AC-12 Session Termination 4986
AC-13 Supervision And Review -- Access Control 4291
AC-14 Permitted Actions Without Identification Or Authentication 3833
AC-15 Automated Marking 3340
AC-16 Automated Labeling 3084
AC-17 Remote Access 5406
AC-18 Wireless Access Restrictions 4886
AC-19 Access Control For Portable And Mobile Devices 5013
AC-20 Use Of External Information Systems 3914
AT-01 Security Awareness And Training Policy And Procedures 6177
AT-02 Security Awareness 6072
AT-03 Security Training 5717
AT-04 Security Training Records 4146
AT-05 Contacts With Security Groups And Associations 3080
AU-01 Audit And Accountability Policy And Procedures 6012
AU-02 Auditable Events 8388
AU-03 Content Of Audit Records 4876
AU-04 Audit Storage Capacity 4430
AU-05 Response To Audit Processing Failures 5217
AU-06 Audit Monitoring, Analysis, And Reporting 10839
AU-07 Audit Reduction And Report Generation 5798
AU-08 Time Stamps 4179
AU-09 Protection Of Audit Information 5309
AU-10 Non-Repudiation 6660
AU-11 Audit Record Retention 6288
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5755
CA-02 Security Assessments 6724
CA-03 Information System Connections 4183
CA-04 Security Certification 5171
CA-05 Plan Of Action And Milestones 4179
CA-06 Security Accreditation 4352
CA-07 Continuous Monitoring 6371
CM-01 Configuration Management Policy And Procedures 6198
CM-02 Baseline Configuration 7050
CM-03 Configuration Change Control 6458
CM-04 Monitoring Configuration Changes 4302
CM-05 Access Restrictions For Change 5088
CM-06 Configuration Settings 5131
CM-07 Least Functionality 7119
CM-08 Information System Component Inventory 5060
CP-01 Contingency Planning Policy And Procedures 4362
CP-02 Contingency Plan 4041
CP-03 Contingency Training 3721
CP-04 Contingency Plan Testing And Exercises 5768
CP-05 Contingency Plan Update 3501
CP-06 Alternate Storage Site 3792
CP-07 Alternate Processing Site 4674
CP-08 Telecommunications Services 2637
CP-09 Information System Backup 5299
CP-10 Information System Recovery And Reconstitution 4923
IA-01 Identification And Authentication Policy And Procedures 6064
IA-02 User Identification And Authentication 8807
IA-03 Device Identification And Authentication 7143
IA-04 Identifier Management 4998
IA-05 Authenticator Management 6321
IA-06 Authenticator Feedback 4258
IA-07 Cryptographic Module Authentication 6599
IR-01 Incident Response Policy And Procedures 4412
IR-02 Incident Response Training 4162
IR-03 Incident Response Testing And Exercises 6091
IR-04 Incident Handling 7074
IR-05 Incident Monitoring 4136
IR-06 Incident Reporting 4352
IR-07 Incident Response Assistance 4222
MA-01 System Maintenance Policy And Procedures 4344
MA-02 Controlled Maintenance 4454
MA-03 Maintenance Tools 4101
MA-04 Remote Maintenance 4243
MA-05 Maintenance Personnel 3507
MA-06 Timely Maintenance 3801
MP-01 Media Protection Policy And Procedures 4627
MP-02 Media Access 4253
MP-03 Media Labeling 3128
MP-04 Media Storage 3333
MP-05 Media Transport 3221
MP-06 Media Sanitization And Disposal 3387
PE-01 Physical And Environmental Protection Policy And Procedures 3950
PE-02 Physical Access Authorizations 3548
PE-03 Physical Access Control 4319
PE-04 Access Control For Transmission Medium 3120
PE-05 Access Control For Display Medium 3197
PE-06 Monitoring Physical Access 4020
PE-07 Visitor Control 2650
PE-08 Access Records 2476
PE-09 Power Equipment And Power Cabling 3307
PE-10 Emergency Shutoff 3176
PE-11 Emergency Power 3087
PE-12 Emergency Lighting 3008
PE-13 Fire Protection 3169
PE-14 Temperature And Humidity Controls 3195
PE-15 Water Damage Protection 3121
PE-16 Delivery And Removal 3050
PE-17 Alternate Work Site 2616
PE-18 Location Of Information System Components 2714
PE-19 Information Leakage 3018
PL-01 Security Planning Policy And Procedures 5939
PL-02 System Security Plan 3897
PL-03 System Security Plan Update 2471
PL-04 Rules Of Behavior 4763
PL-05 Privacy Impact Assessment 2866
PL-06 Security-Related Activity Planning 2656
PS-01 Personnel Security Policy And Procedures 3894
PS-02 Position Categorization 2854
PS-03 Personnel Screening 2668
PS-04 Personnel Termination 2592
PS-05 Personnel Transfer 2542
PS-06 Access Agreements 4064
PS-07 Third-Party Personnel Security 3740
PS-08 Personnel Sanctions 2758
RA-01 Risk Assessment Policy And Procedures 4306
RA-02 Security Categorization 5957
RA-03 Risk Assessment 5604
RA-04 Risk Assessment Update 4144
RA-05 Vulnerability Scanning 5770
SA-01 System And Services Acquisition Policy And Procedures 4971
SA-02 Allocation Of Resources 4488
SA-03 Life Cycle Support 4804
SA-04 Acquisitions 4667
SA-05 Information System Documentation 7840
SA-06 Software Usage Restrictions 4004
SA-07 User Installed Software 3615
SA-08 Security Engineering Principles 7756
SA-09 External Information System Services 4548
SA-10 Developer Configuration Management 3967
SA-11 Developer Security Testing 4075
SC-01 System And Communications Protection Policy And Procedures 4652
SC-02 Application Partitioning 4721
SC-03 Security Function Isolation 5859
SC-04 Information Remnance 7117
SC-05 Denial Of Service Protection 5613
SC-06 Resource Priority 3915
SC-07 Boundary Protection 8318
SC-08 Transmission Integrity 6557
SC-09 Transmission Confidentiality 6267
SC-10 Network Disconnect 4141
SC-11 Trusted Path 4738
SC-12 Cryptographic Key Establishment And Management 5060
SC-13 Use Of Cryptography 5747
SC-14 Public Access Protections 3753
SC-15 Collaborative Computing 4538
SC-16 Transmission Of Security Parameters 2920
SC-17 Public Key Infrastructure Certificates 3084
SC-18 Mobile Code 5765
SC-19 Voice Over Internet Protocol 2710
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5130
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3126
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3055
SC-23 Session Authenticity 5840
SI-01 System And Information Integrity Policy And Procedures 4528
SI-02 Flaw Remediation 7035
SI-03 Malicious Code Protection 7625
SI-04 Information System Monitoring Tools And Techniques 6175
SI-05 Security Alerts And Advisories 4229
SI-06 Security Functionality Verification 6273
SI-07 Software And Information Integrity 7191
SI-08 Spam Protection 2774
SI-09 Information Input Restrictions 3012
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6897
SI-11 Error Handling 4437
SI-12 Information Output Handling And Retention 3519