11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 13623
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 36770
13-05 Controls catalog SQL export 4729
AC-01 Access Control Policies and Procedures 24295
AC-02 Account Management 13589
AC-03 Access Enforcement 15979
AC-04 Information Flow Enforcement 14882
AC-05 Separation Of Duties 9068
AC-06 Least Privilege 8669
AC-07 Unsuccessful Login Attempts 8109
AC-08 System Use Notification 6719
AC-09 Previous Logon Notification 6969
AC-10 Concurrent Session Control 6418
AC-11 Session Lock 7256
AC-12 Session Termination 6848
AC-13 Supervision And Review -- Access Control 5426
AC-14 Permitted Actions Without Identification Or Authentication 5341
AC-15 Automated Marking 4285
AC-16 Automated Labeling 3816
AC-17 Remote Access 7399
AC-18 Wireless Access Restrictions 6450
AC-19 Access Control For Portable And Mobile Devices 6477
AC-20 Use Of External Information Systems 5791
AT-01 Security Awareness And Training Policy And Procedures 8060
AT-02 Security Awareness 7698
AT-03 Security Training 7430
AT-04 Security Training Records 5171
AT-05 Contacts With Security Groups And Associations 4098
AU-01 Audit And Accountability Policy And Procedures 7900
AU-02 Auditable Events 11071
AU-03 Content Of Audit Records 6420
AU-04 Audit Storage Capacity 5713
AU-05 Response To Audit Processing Failures 6865
AU-06 Audit Monitoring, Analysis, And Reporting 13657
AU-07 Audit Reduction And Report Generation 7456
AU-08 Time Stamps 5372
AU-09 Protection Of Audit Information 6908
AU-10 Non-Repudiation 8038
AU-11 Audit Record Retention 7484
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 7234
CA-02 Security Assessments 9000
CA-03 Information System Connections 5568
CA-04 Security Certification 6560
CA-05 Plan Of Action And Milestones 5284
CA-06 Security Accreditation 5412
CA-07 Continuous Monitoring 8248
CM-01 Configuration Management Policy And Procedures 7729
CM-02 Baseline Configuration 9040
CM-03 Configuration Change Control 8210
CM-04 Monitoring Configuration Changes 5403
CM-05 Access Restrictions For Change 6366
CM-06 Configuration Settings 6595
CM-07 Least Functionality 9125
CM-08 Information System Component Inventory 6613
CP-01 Contingency Planning Policy And Procedures 5819
CP-02 Contingency Plan 5246
CP-03 Contingency Training 4693
CP-04 Contingency Plan Testing And Exercises 7441
CP-05 Contingency Plan Update 4366
CP-06 Alternate Storage Site 4893
CP-07 Alternate Processing Site 5978
CP-08 Telecommunications Services 3402
CP-09 Information System Backup 7085
CP-10 Information System Recovery And Reconstitution 6355
IA-01 Identification And Authentication Policy And Procedures 7866
IA-02 User Identification And Authentication 11720
IA-03 Device Identification And Authentication 9186
IA-04 Identifier Management 6350
IA-05 Authenticator Management 7980
IA-06 Authenticator Feedback 5474
IA-07 Cryptographic Module Authentication 8445
IR-01 Incident Response Policy And Procedures 5997
IR-02 Incident Response Training 5280
IR-03 Incident Response Testing And Exercises 7357
IR-04 Incident Handling 9007
IR-05 Incident Monitoring 5287
IR-06 Incident Reporting 5421
IR-07 Incident Response Assistance 5301
MA-01 System Maintenance Policy And Procedures 5583
MA-02 Controlled Maintenance 5599
MA-03 Maintenance Tools 5215
MA-04 Remote Maintenance 5474
MA-05 Maintenance Personnel 4370
MA-06 Timely Maintenance 4725
MP-01 Media Protection Policy And Procedures 5721
MP-02 Media Access 5471
MP-03 Media Labeling 3946
MP-04 Media Storage 4221
MP-05 Media Transport 4115
MP-06 Media Sanitization And Disposal 4534
PE-01 Physical And Environmental Protection Policy And Procedures 4998
PE-02 Physical Access Authorizations 4515
PE-03 Physical Access Control 5704
PE-04 Access Control For Transmission Medium 4132
PE-05 Access Control For Display Medium 4018
PE-06 Monitoring Physical Access 5097
PE-07 Visitor Control 3429
PE-08 Access Records 3179
PE-09 Power Equipment And Power Cabling 4169
PE-10 Emergency Shutoff 4031
PE-11 Emergency Power 3811
PE-12 Emergency Lighting 3747
PE-13 Fire Protection 3975
PE-14 Temperature And Humidity Controls 3960
PE-15 Water Damage Protection 3906
PE-16 Delivery And Removal 3816
PE-17 Alternate Work Site 3348
PE-18 Location Of Information System Components 3390
PE-19 Information Leakage 3911
PL-01 Security Planning Policy And Procedures 7542
PL-02 System Security Plan 4988
PL-03 System Security Plan Update 3065
PL-04 Rules Of Behavior 5902
PL-05 Privacy Impact Assessment 4168
PL-06 Security-Related Activity Planning 3387
PS-01 Personnel Security Policy And Procedures 4991
PS-02 Position Categorization 3585
PS-03 Personnel Screening 3480
PS-04 Personnel Termination 3210
PS-05 Personnel Transfer 3144
PS-06 Access Agreements 5100
PS-07 Third-Party Personnel Security 4957
PS-08 Personnel Sanctions 3722
RA-01 Risk Assessment Policy And Procedures 5593
RA-02 Security Categorization 7210
RA-03 Risk Assessment 7438
RA-04 Risk Assessment Update 5115
RA-05 Vulnerability Scanning 7787
SA-01 System And Services Acquisition Policy And Procedures 6437
SA-02 Allocation Of Resources 5503
SA-03 Life Cycle Support 6219
SA-04 Acquisitions 5929
SA-05 Information System Documentation 9921
SA-06 Software Usage Restrictions 5118
SA-07 User Installed Software 4638
SA-08 Security Engineering Principles 9282
SA-09 External Information System Services 5984
SA-10 Developer Configuration Management 5169
SA-11 Developer Security Testing 5156
SC-01 System And Communications Protection Policy And Procedures 6062
SC-02 Application Partitioning 6174
SC-03 Security Function Isolation 7626
SC-04 Information Remnance 8628
SC-05 Denial Of Service Protection 7282
SC-06 Resource Priority 4903
SC-07 Boundary Protection 11494
SC-08 Transmission Integrity 8460
SC-09 Transmission Confidentiality 8198
SC-10 Network Disconnect 5239
SC-11 Trusted Path 6155
SC-12 Cryptographic Key Establishment And Management 6704
SC-13 Use Of Cryptography 7457
SC-14 Public Access Protections 4673
SC-15 Collaborative Computing 5740
SC-16 Transmission Of Security Parameters 3727
SC-17 Public Key Infrastructure Certificates 3917
SC-18 Mobile Code 7310
SC-19 Voice Over Internet Protocol 3483
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 6562
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4043
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3896
SC-23 Session Authenticity 7695
SI-01 System And Information Integrity Policy And Procedures 5589
SI-02 Flaw Remediation 9223
SI-03 Malicious Code Protection 9854
SI-04 Information System Monitoring Tools And Techniques 9247
SI-05 Security Alerts And Advisories 5416
SI-06 Security Functionality Verification 9417
SI-07 Software And Information Integrity 8615
SI-08 Spam Protection 3583
SI-09 Information Input Restrictions 3889
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 9468
SI-11 Error Handling 5687
SI-12 Information Output Handling And Retention 4535