11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 12604
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 34742
13-05 Controls catalog SQL export 4420
AC-01 Access Control Policies and Procedures 22868
AC-02 Account Management 12712
AC-03 Access Enforcement 14960
AC-04 Information Flow Enforcement 13886
AC-05 Separation Of Duties 8483
AC-06 Least Privilege 8071
AC-07 Unsuccessful Login Attempts 7515
AC-08 System Use Notification 6284
AC-09 Previous Logon Notification 6580
AC-10 Concurrent Session Control 5933
AC-11 Session Lock 6717
AC-12 Session Termination 6247
AC-13 Supervision And Review -- Access Control 5091
AC-14 Permitted Actions Without Identification Or Authentication 5022
AC-15 Automated Marking 3903
AC-16 Automated Labeling 3534
AC-17 Remote Access 6844
AC-18 Wireless Access Restrictions 5935
AC-19 Access Control For Portable And Mobile Devices 5986
AC-20 Use Of External Information Systems 5244
AT-01 Security Awareness And Training Policy And Procedures 7414
AT-02 Security Awareness 7157
AT-03 Security Training 6874
AT-04 Security Training Records 4795
AT-05 Contacts With Security Groups And Associations 3810
AU-01 Audit And Accountability Policy And Procedures 7307
AU-02 Auditable Events 10265
AU-03 Content Of Audit Records 5934
AU-04 Audit Storage Capacity 5258
AU-05 Response To Audit Processing Failures 6344
AU-06 Audit Monitoring, Analysis, And Reporting 12701
AU-07 Audit Reduction And Report Generation 6976
AU-08 Time Stamps 4947
AU-09 Protection Of Audit Information 6340
AU-10 Non-Repudiation 7585
AU-11 Audit Record Retention 7074
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6758
CA-02 Security Assessments 8301
CA-03 Information System Connections 5152
CA-04 Security Certification 6064
CA-05 Plan Of Action And Milestones 4905
CA-06 Security Accreditation 5023
CA-07 Continuous Monitoring 7599
CM-01 Configuration Management Policy And Procedures 7256
CM-02 Baseline Configuration 8431
CM-03 Configuration Change Control 7623
CM-04 Monitoring Configuration Changes 4972
CM-05 Access Restrictions For Change 5907
CM-06 Configuration Settings 6118
CM-07 Least Functionality 8487
CM-08 Information System Component Inventory 6109
CP-01 Contingency Planning Policy And Procedures 5354
CP-02 Contingency Plan 4829
CP-03 Contingency Training 4342
CP-04 Contingency Plan Testing And Exercises 6905
CP-05 Contingency Plan Update 4040
CP-06 Alternate Storage Site 4538
CP-07 Alternate Processing Site 5532
CP-08 Telecommunications Services 3139
CP-09 Information System Backup 6516
CP-10 Information System Recovery And Reconstitution 5861
IA-01 Identification And Authentication Policy And Procedures 7303
IA-02 User Identification And Authentication 10848
IA-03 Device Identification And Authentication 8510
IA-04 Identifier Management 5903
IA-05 Authenticator Management 7490
IA-06 Authenticator Feedback 5020
IA-07 Cryptographic Module Authentication 7901
IR-01 Incident Response Policy And Procedures 5403
IR-02 Incident Response Training 4878
IR-03 Incident Response Testing And Exercises 6934
IR-04 Incident Handling 8253
IR-05 Incident Monitoring 4839
IR-06 Incident Reporting 5034
IR-07 Incident Response Assistance 4916
MA-01 System Maintenance Policy And Procedures 5205
MA-02 Controlled Maintenance 5198
MA-03 Maintenance Tools 4821
MA-04 Remote Maintenance 5022
MA-05 Maintenance Personnel 4045
MA-06 Timely Maintenance 4378
MP-01 Media Protection Policy And Procedures 5377
MP-02 Media Access 5061
MP-03 Media Labeling 3657
MP-04 Media Storage 3921
MP-05 Media Transport 3796
MP-06 Media Sanitization And Disposal 4109
PE-01 Physical And Environmental Protection Policy And Procedures 4655
PE-02 Physical Access Authorizations 4161
PE-03 Physical Access Control 5221
PE-04 Access Control For Transmission Medium 3817
PE-05 Access Control For Display Medium 3701
PE-06 Monitoring Physical Access 4732
PE-07 Visitor Control 3148
PE-08 Access Records 2928
PE-09 Power Equipment And Power Cabling 3837
PE-10 Emergency Shutoff 3728
PE-11 Emergency Power 3503
PE-12 Emergency Lighting 3442
PE-13 Fire Protection 3684
PE-14 Temperature And Humidity Controls 3658
PE-15 Water Damage Protection 3608
PE-16 Delivery And Removal 3502
PE-17 Alternate Work Site 3092
PE-18 Location Of Information System Components 3129
PE-19 Information Leakage 3626
PL-01 Security Planning Policy And Procedures 7061
PL-02 System Security Plan 4610
PL-03 System Security Plan Update 2843
PL-04 Rules Of Behavior 5479
PL-05 Privacy Impact Assessment 3908
PL-06 Security-Related Activity Planning 3119
PS-01 Personnel Security Policy And Procedures 4633
PS-02 Position Categorization 3320
PS-03 Personnel Screening 3189
PS-04 Personnel Termination 2972
PS-05 Personnel Transfer 2902
PS-06 Access Agreements 4711
PS-07 Third-Party Personnel Security 4596
PS-08 Personnel Sanctions 3403
RA-01 Risk Assessment Policy And Procedures 5192
RA-02 Security Categorization 6767
RA-03 Risk Assessment 6801
RA-04 Risk Assessment Update 4762
RA-05 Vulnerability Scanning 7128
SA-01 System And Services Acquisition Policy And Procedures 6015
SA-02 Allocation Of Resources 5157
SA-03 Life Cycle Support 5732
SA-04 Acquisitions 5505
SA-05 Information System Documentation 9195
SA-06 Software Usage Restrictions 4711
SA-07 User Installed Software 4246
SA-08 Security Engineering Principles 8786
SA-09 External Information System Services 5561
SA-10 Developer Configuration Management 4761
SA-11 Developer Security Testing 4818
SC-01 System And Communications Protection Policy And Procedures 5627
SC-02 Application Partitioning 5729
SC-03 Security Function Isolation 7098
SC-04 Information Remnance 8153
SC-05 Denial Of Service Protection 6746
SC-06 Resource Priority 4534
SC-07 Boundary Protection 10634
SC-08 Transmission Integrity 7874
SC-09 Transmission Confidentiality 7579
SC-10 Network Disconnect 4829
SC-11 Trusted Path 5678
SC-12 Cryptographic Key Establishment And Management 6158
SC-13 Use Of Cryptography 6878
SC-14 Public Access Protections 4356
SC-15 Collaborative Computing 5345
SC-16 Transmission Of Security Parameters 3485
SC-17 Public Key Infrastructure Certificates 3634
SC-18 Mobile Code 6810
SC-19 Voice Over Internet Protocol 3239
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 6114
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3726
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3593
SC-23 Session Authenticity 7157
SI-01 System And Information Integrity Policy And Procedures 5258
SI-02 Flaw Remediation 8563
SI-03 Malicious Code Protection 9134
SI-04 Information System Monitoring Tools And Techniques 8229
SI-05 Security Alerts And Advisories 5002
SI-06 Security Functionality Verification 8808
SI-07 Software And Information Integrity 8116
SI-08 Spam Protection 3315
SI-09 Information Input Restrictions 3576
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 9031
SI-11 Error Handling 5281
SI-12 Information Output Handling And Retention 4206