11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 11637
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 32597
13-05 Controls catalog SQL export 4187
AC-01 Access Control Policies and Procedures 21639
AC-02 Account Management 11909
AC-03 Access Enforcement 14040
AC-04 Information Flow Enforcement 12993
AC-05 Separation Of Duties 8075
AC-06 Least Privilege 7509
AC-07 Unsuccessful Login Attempts 7060
AC-08 System Use Notification 5934
AC-09 Previous Logon Notification 6290
AC-10 Concurrent Session Control 5594
AC-11 Session Lock 6263
AC-12 Session Termination 5756
AC-13 Supervision And Review -- Access Control 4802
AC-14 Permitted Actions Without Identification Or Authentication 4792
AC-15 Automated Marking 3696
AC-16 Automated Labeling 3362
AC-17 Remote Access 6335
AC-18 Wireless Access Restrictions 5564
AC-19 Access Control For Portable And Mobile Devices 5653
AC-20 Use Of External Information Systems 4736
AT-01 Security Awareness And Training Policy And Procedures 7015
AT-02 Security Awareness 6754
AT-03 Security Training 6466
AT-04 Security Training Records 4577
AT-05 Contacts With Security Groups And Associations 3556
AU-01 Audit And Accountability Policy And Procedures 6800
AU-02 Auditable Events 9587
AU-03 Content Of Audit Records 5572
AU-04 Audit Storage Capacity 4987
AU-05 Response To Audit Processing Failures 5952
AU-06 Audit Monitoring, Analysis, And Reporting 12062
AU-07 Audit Reduction And Report Generation 6566
AU-08 Time Stamps 4700
AU-09 Protection Of Audit Information 5988
AU-10 Non-Repudiation 7268
AU-11 Audit Record Retention 6800
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6410
CA-02 Security Assessments 7763
CA-03 Information System Connections 4788
CA-04 Security Certification 5730
CA-05 Plan Of Action And Milestones 4646
CA-06 Security Accreditation 4797
CA-07 Continuous Monitoring 7150
CM-01 Configuration Management Policy And Procedures 6854
CM-02 Baseline Configuration 7980
CM-03 Configuration Change Control 7208
CM-04 Monitoring Configuration Changes 4719
CM-05 Access Restrictions For Change 5601
CM-06 Configuration Settings 5813
CM-07 Least Functionality 7995
CM-08 Information System Component Inventory 5749
CP-01 Contingency Planning Policy And Procedures 4944
CP-02 Contingency Plan 4533
CP-03 Contingency Training 4122
CP-04 Contingency Plan Testing And Exercises 6474
CP-05 Contingency Plan Update 3849
CP-06 Alternate Storage Site 4276
CP-07 Alternate Processing Site 5227
CP-08 Telecommunications Services 2956
CP-09 Information System Backup 6083
CP-10 Information System Recovery And Reconstitution 5509
IA-01 Identification And Authentication Policy And Procedures 6828
IA-02 User Identification And Authentication 10073
IA-03 Device Identification And Authentication 8017
IA-04 Identifier Management 5570
IA-05 Authenticator Management 7087
IA-06 Authenticator Feedback 4738
IA-07 Cryptographic Module Authentication 7458
IR-01 Incident Response Policy And Procedures 5048
IR-02 Incident Response Training 4622
IR-03 Incident Response Testing And Exercises 6627
IR-04 Incident Handling 7846
IR-05 Incident Monitoring 4614
IR-06 Incident Reporting 4819
IR-07 Incident Response Assistance 4675
MA-01 System Maintenance Policy And Procedures 4913
MA-02 Controlled Maintenance 4942
MA-03 Maintenance Tools 4543
MA-04 Remote Maintenance 4718
MA-05 Maintenance Personnel 3872
MA-06 Timely Maintenance 4164
MP-01 Media Protection Policy And Procedures 5113
MP-02 Media Access 4752
MP-03 Media Labeling 3468
MP-04 Media Storage 3719
MP-05 Media Transport 3573
MP-06 Media Sanitization And Disposal 3836
PE-01 Physical And Environmental Protection Policy And Procedures 4385
PE-02 Physical Access Authorizations 3920
PE-03 Physical Access Control 4935
PE-04 Access Control For Transmission Medium 3537
PE-05 Access Control For Display Medium 3530
PE-06 Monitoring Physical Access 4474
PE-07 Visitor Control 2976
PE-08 Access Records 2766
PE-09 Power Equipment And Power Cabling 3660
PE-10 Emergency Shutoff 3531
PE-11 Emergency Power 3372
PE-12 Emergency Lighting 3300
PE-13 Fire Protection 3502
PE-14 Temperature And Humidity Controls 3501
PE-15 Water Damage Protection 3463
PE-16 Delivery And Removal 3340
PE-17 Alternate Work Site 2910
PE-18 Location Of Information System Components 2983
PE-19 Information Leakage 3427
PL-01 Security Planning Policy And Procedures 6661
PL-02 System Security Plan 4345
PL-03 System Security Plan Update 2706
PL-04 Rules Of Behavior 5252
PL-05 Privacy Impact Assessment 3734
PL-06 Security-Related Activity Planning 2943
PS-01 Personnel Security Policy And Procedures 4382
PS-02 Position Categorization 3149
PS-03 Personnel Screening 3017
PS-04 Personnel Termination 2838
PS-05 Personnel Transfer 2776
PS-06 Access Agreements 4497
PS-07 Third-Party Personnel Security 4270
PS-08 Personnel Sanctions 3153
RA-01 Risk Assessment Policy And Procedures 4896
RA-02 Security Categorization 6492
RA-03 Risk Assessment 6366
RA-04 Risk Assessment Update 4532
RA-05 Vulnerability Scanning 6644
SA-01 System And Services Acquisition Policy And Procedures 5645
SA-02 Allocation Of Resources 4906
SA-03 Life Cycle Support 5414
SA-04 Acquisitions 5193
SA-05 Information System Documentation 8712
SA-06 Software Usage Restrictions 4492
SA-07 User Installed Software 4024
SA-08 Security Engineering Principles 8446
SA-09 External Information System Services 5162
SA-10 Developer Configuration Management 4436
SA-11 Developer Security Testing 4539
SC-01 System And Communications Protection Policy And Procedures 5218
SC-02 Application Partitioning 5358
SC-03 Security Function Isolation 6606
SC-04 Information Remnance 7763
SC-05 Denial Of Service Protection 6348
SC-06 Resource Priority 4287
SC-07 Boundary Protection 9783
SC-08 Transmission Integrity 7396
SC-09 Transmission Confidentiality 7120
SC-10 Network Disconnect 4574
SC-11 Trusted Path 5369
SC-12 Cryptographic Key Establishment And Management 5740
SC-13 Use Of Cryptography 6480
SC-14 Public Access Protections 4156
SC-15 Collaborative Computing 5090
SC-16 Transmission Of Security Parameters 3270
SC-17 Public Key Infrastructure Certificates 3425
SC-18 Mobile Code 6448
SC-19 Voice Over Internet Protocol 3070
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5774
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3500
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3393
SC-23 Session Authenticity 6698
SI-01 System And Information Integrity Policy And Procedures 4974
SI-02 Flaw Remediation 7952
SI-03 Malicious Code Protection 8593
SI-04 Information System Monitoring Tools And Techniques 7425
SI-05 Security Alerts And Advisories 4743
SI-06 Security Functionality Verification 8506
SI-07 Software And Information Integrity 7780
SI-08 Spam Protection 3128
SI-09 Information Input Restrictions 3374
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8718
SI-11 Error Handling 4985
SI-12 Information Output Handling And Retention 3966