11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 14819
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 39636
13-05 Controls catalog SQL export 5145
AC-01 Access Control Policies and Procedures 26000
AC-02 Account Management 14671
AC-03 Access Enforcement 17231
AC-04 Information Flow Enforcement 16084
AC-05 Separation Of Duties 9762
AC-06 Least Privilege 9468
AC-07 Unsuccessful Login Attempts 8831
AC-08 System Use Notification 7298
AC-09 Previous Logon Notification 7435
AC-10 Concurrent Session Control 6985
AC-11 Session Lock 7914
AC-12 Session Termination 7490
AC-13 Supervision And Review -- Access Control 5826
AC-14 Permitted Actions Without Identification Or Authentication 5694
AC-15 Automated Marking 4599
AC-16 Automated Labeling 4105
AC-17 Remote Access 8018
AC-18 Wireless Access Restrictions 7147
AC-19 Access Control For Portable And Mobile Devices 7032
AC-20 Use Of External Information Systems 6397
AT-01 Security Awareness And Training Policy And Procedures 8719
AT-02 Security Awareness 8264
AT-03 Security Training 8031
AT-04 Security Training Records 5573
AT-05 Contacts With Security Groups And Associations 4437
AU-01 Audit And Accountability Policy And Procedures 8654
AU-02 Auditable Events 11998
AU-03 Content Of Audit Records 6980
AU-04 Audit Storage Capacity 6194
AU-05 Response To Audit Processing Failures 7468
AU-06 Audit Monitoring, Analysis, And Reporting 14698
AU-07 Audit Reduction And Report Generation 8036
AU-08 Time Stamps 5866
AU-09 Protection Of Audit Information 7541
AU-10 Non-Repudiation 8572
AU-11 Audit Record Retention 7953
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 7761
CA-02 Security Assessments 9762
CA-03 Information System Connections 5988
CA-04 Security Certification 7104
CA-05 Plan Of Action And Milestones 5703
CA-06 Security Accreditation 5838
CA-07 Continuous Monitoring 8888
CM-01 Configuration Management Policy And Procedures 8271
CM-02 Baseline Configuration 9680
CM-03 Configuration Change Control 8845
CM-04 Monitoring Configuration Changes 5887
CM-05 Access Restrictions For Change 6899
CM-06 Configuration Settings 7133
CM-07 Least Functionality 9853
CM-08 Information System Component Inventory 7145
CP-01 Contingency Planning Policy And Procedures 6257
CP-02 Contingency Plan 5712
CP-03 Contingency Training 5072
CP-04 Contingency Plan Testing And Exercises 8091
CP-05 Contingency Plan Update 4733
CP-06 Alternate Storage Site 5315
CP-07 Alternate Processing Site 6486
CP-08 Telecommunications Services 3659
CP-09 Information System Backup 7748
CP-10 Information System Recovery And Reconstitution 6948
IA-01 Identification And Authentication Policy And Procedures 8547
IA-02 User Identification And Authentication 12640
IA-03 Device Identification And Authentication 9925
IA-04 Identifier Management 6892
IA-05 Authenticator Management 8528
IA-06 Authenticator Feedback 5937
IA-07 Cryptographic Module Authentication 9113
IR-01 Incident Response Policy And Procedures 6507
IR-02 Incident Response Training 5684
IR-03 Incident Response Testing And Exercises 7845
IR-04 Incident Handling 9795
IR-05 Incident Monitoring 5748
IR-06 Incident Reporting 5916
IR-07 Incident Response Assistance 5742
MA-01 System Maintenance Policy And Procedures 5970
MA-02 Controlled Maintenance 6008
MA-03 Maintenance Tools 5709
MA-04 Remote Maintenance 5981
MA-05 Maintenance Personnel 4739
MA-06 Timely Maintenance 5107
MP-01 Media Protection Policy And Procedures 6139
MP-02 Media Access 5899
MP-03 Media Labeling 4287
MP-04 Media Storage 4530
MP-05 Media Transport 4464
MP-06 Media Sanitization And Disposal 4857
PE-01 Physical And Environmental Protection Policy And Procedures 5372
PE-02 Physical Access Authorizations 4895
PE-03 Physical Access Control 6259
PE-04 Access Control For Transmission Medium 4511
PE-05 Access Control For Display Medium 4351
PE-06 Monitoring Physical Access 5536
PE-07 Visitor Control 3710
PE-08 Access Records 3426
PE-09 Power Equipment And Power Cabling 4505
PE-10 Emergency Shutoff 4360
PE-11 Emergency Power 4132
PE-12 Emergency Lighting 4064
PE-13 Fire Protection 4287
PE-14 Temperature And Humidity Controls 4258
PE-15 Water Damage Protection 4218
PE-16 Delivery And Removal 4123
PE-17 Alternate Work Site 3591
PE-18 Location Of Information System Components 3659
PE-19 Information Leakage 4209
PL-01 Security Planning Policy And Procedures 8108
PL-02 System Security Plan 5412
PL-03 System Security Plan Update 3268
PL-04 Rules Of Behavior 6406
PL-05 Privacy Impact Assessment 4428
PL-06 Security-Related Activity Planning 3631
PS-01 Personnel Security Policy And Procedures 5401
PS-02 Position Categorization 3884
PS-03 Personnel Screening 3768
PS-04 Personnel Termination 3444
PS-05 Personnel Transfer 3360
PS-06 Access Agreements 5534
PS-07 Third-Party Personnel Security 5334
PS-08 Personnel Sanctions 4079
RA-01 Risk Assessment Policy And Procedures 6117
RA-02 Security Categorization 7688
RA-03 Risk Assessment 8106
RA-04 Risk Assessment Update 5503
RA-05 Vulnerability Scanning 8529
SA-01 System And Services Acquisition Policy And Procedures 6957
SA-02 Allocation Of Resources 5909
SA-03 Life Cycle Support 6705
SA-04 Acquisitions 6407
SA-05 Information System Documentation 10820
SA-06 Software Usage Restrictions 5539
SA-07 User Installed Software 5065
SA-08 Security Engineering Principles 9897
SA-09 External Information System Services 6483
SA-10 Developer Configuration Management 5612
SA-11 Developer Security Testing 5495
SC-01 System And Communications Protection Policy And Procedures 6567
SC-02 Application Partitioning 6756
SC-03 Security Function Isolation 8271
SC-04 Information Remnance 9211
SC-05 Denial Of Service Protection 7917
SC-06 Resource Priority 5315
SC-07 Boundary Protection 12580
SC-08 Transmission Integrity 9116
SC-09 Transmission Confidentiality 8875
SC-10 Network Disconnect 5708
SC-11 Trusted Path 6660
SC-12 Cryptographic Key Establishment And Management 7314
SC-13 Use Of Cryptography 8054
SC-14 Public Access Protections 5052
SC-15 Collaborative Computing 6228
SC-16 Transmission Of Security Parameters 3985
SC-17 Public Key Infrastructure Certificates 4257
SC-18 Mobile Code 7881
SC-19 Voice Over Internet Protocol 3733
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 7115
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4407
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4215
SC-23 Session Authenticity 8395
SI-01 System And Information Integrity Policy And Procedures 5948
SI-02 Flaw Remediation 10071
SI-03 Malicious Code Protection 10650
SI-04 Information System Monitoring Tools And Techniques 10479
SI-05 Security Alerts And Advisories 5878
SI-06 Security Functionality Verification 10044
SI-07 Software And Information Integrity 9170
SI-08 Spam Protection 3907
SI-09 Information Input Restrictions 4191
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 10002
SI-11 Error Handling 6113
SI-12 Information Output Handling And Retention 4921