11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 10097
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 29242
13-05 Controls catalog SQL export 3764
AC-01 Access Control Policies and Procedures 19352
AC-02 Account Management 10672
AC-03 Access Enforcement 10973
AC-04 Information Flow Enforcement 11711
AC-05 Separation Of Duties 6837
AC-06 Least Privilege 6660
AC-07 Unsuccessful Login Attempts 6319
AC-08 System Use Notification 5348
AC-09 Previous Logon Notification 5799
AC-10 Concurrent Session Control 5039
AC-11 Session Lock 5543
AC-12 Session Termination 5086
AC-13 Supervision And Review -- Access Control 4356
AC-14 Permitted Actions Without Identification Or Authentication 4487
AC-15 Automated Marking 3381
AC-16 Automated Labeling 3114
AC-17 Remote Access 5506
AC-18 Wireless Access Restrictions 4970
AC-19 Access Control For Portable And Mobile Devices 5085
AC-20 Use Of External Information Systems 3997
AT-01 Security Awareness And Training Policy And Procedures 6319
AT-02 Security Awareness 6155
AT-03 Security Training 5820
AT-04 Security Training Records 4200
AT-05 Contacts With Security Groups And Associations 3122
AU-01 Audit And Accountability Policy And Procedures 6118
AU-02 Auditable Events 8532
AU-03 Content Of Audit Records 4951
AU-04 Audit Storage Capacity 4498
AU-05 Response To Audit Processing Failures 5314
AU-06 Audit Monitoring, Analysis, And Reporting 11000
AU-07 Audit Reduction And Report Generation 5894
AU-08 Time Stamps 4230
AU-09 Protection Of Audit Information 5385
AU-10 Non-Repudiation 6737
AU-11 Audit Record Retention 6349
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5840
CA-02 Security Assessments 6848
CA-03 Information System Connections 4251
CA-04 Security Certification 5227
CA-05 Plan Of Action And Milestones 4233
CA-06 Security Accreditation 4398
CA-07 Continuous Monitoring 6475
CM-01 Configuration Management Policy And Procedures 6273
CM-02 Baseline Configuration 7148
CM-03 Configuration Change Control 6540
CM-04 Monitoring Configuration Changes 4346
CM-05 Access Restrictions For Change 5150
CM-06 Configuration Settings 5220
CM-07 Least Functionality 7232
CM-08 Information System Component Inventory 5145
CP-01 Contingency Planning Policy And Procedures 4443
CP-02 Contingency Plan 4099
CP-03 Contingency Training 3767
CP-04 Contingency Plan Testing And Exercises 5869
CP-05 Contingency Plan Update 3541
CP-06 Alternate Storage Site 3835
CP-07 Alternate Processing Site 4745
CP-08 Telecommunications Services 2674
CP-09 Information System Backup 5410
CP-10 Information System Recovery And Reconstitution 4990
IA-01 Identification And Authentication Policy And Procedures 6150
IA-02 User Identification And Authentication 8947
IA-03 Device Identification And Authentication 7248
IA-04 Identifier Management 5073
IA-05 Authenticator Management 6434
IA-06 Authenticator Feedback 4310
IA-07 Cryptographic Module Authentication 6729
IR-01 Incident Response Policy And Procedures 4480
IR-02 Incident Response Training 4232
IR-03 Incident Response Testing And Exercises 6144
IR-04 Incident Handling 7168
IR-05 Incident Monitoring 4194
IR-06 Incident Reporting 4412
IR-07 Incident Response Assistance 4275
MA-01 System Maintenance Policy And Procedures 4424
MA-02 Controlled Maintenance 4508
MA-03 Maintenance Tools 4140
MA-04 Remote Maintenance 4295
MA-05 Maintenance Personnel 3550
MA-06 Timely Maintenance 3846
MP-01 Media Protection Policy And Procedures 4686
MP-02 Media Access 4319
MP-03 Media Labeling 3175
MP-04 Media Storage 3380
MP-05 Media Transport 3258
MP-06 Media Sanitization And Disposal 3457
PE-01 Physical And Environmental Protection Policy And Procedures 4006
PE-02 Physical Access Authorizations 3595
PE-03 Physical Access Control 4411
PE-04 Access Control For Transmission Medium 3165
PE-05 Access Control For Display Medium 3238
PE-06 Monitoring Physical Access 4077
PE-07 Visitor Control 2690
PE-08 Access Records 2502
PE-09 Power Equipment And Power Cabling 3343
PE-10 Emergency Shutoff 3213
PE-11 Emergency Power 3120
PE-12 Emergency Lighting 3035
PE-13 Fire Protection 3206
PE-14 Temperature And Humidity Controls 3227
PE-15 Water Damage Protection 3158
PE-16 Delivery And Removal 3086
PE-17 Alternate Work Site 2655
PE-18 Location Of Information System Components 2743
PE-19 Information Leakage 3058
PL-01 Security Planning Policy And Procedures 6024
PL-02 System Security Plan 3951
PL-03 System Security Plan Update 2501
PL-04 Rules Of Behavior 4822
PL-05 Privacy Impact Assessment 2901
PL-06 Security-Related Activity Planning 2690
PS-01 Personnel Security Policy And Procedures 3947
PS-02 Position Categorization 2896
PS-03 Personnel Screening 2712
PS-04 Personnel Termination 2622
PS-05 Personnel Transfer 2571
PS-06 Access Agreements 4121
PS-07 Third-Party Personnel Security 3806
PS-08 Personnel Sanctions 2790
RA-01 Risk Assessment Policy And Procedures 4365
RA-02 Security Categorization 6009
RA-03 Risk Assessment 5703
RA-04 Risk Assessment Update 4188
RA-05 Vulnerability Scanning 5885
SA-01 System And Services Acquisition Policy And Procedures 5036
SA-02 Allocation Of Resources 4531
SA-03 Life Cycle Support 4883
SA-04 Acquisitions 4728
SA-05 Information System Documentation 7943
SA-06 Software Usage Restrictions 4093
SA-07 User Installed Software 3664
SA-08 Security Engineering Principles 7857
SA-09 External Information System Services 4618
SA-10 Developer Configuration Management 4035
SA-11 Developer Security Testing 4119
SC-01 System And Communications Protection Policy And Procedures 4705
SC-02 Application Partitioning 4785
SC-03 Security Function Isolation 5937
SC-04 Information Remnance 7189
SC-05 Denial Of Service Protection 5713
SC-06 Resource Priority 3953
SC-07 Boundary Protection 8482
SC-08 Transmission Integrity 6673
SC-09 Transmission Confidentiality 6386
SC-10 Network Disconnect 4195
SC-11 Trusted Path 4823
SC-12 Cryptographic Key Establishment And Management 5146
SC-13 Use Of Cryptography 5838
SC-14 Public Access Protections 3800
SC-15 Collaborative Computing 4600
SC-16 Transmission Of Security Parameters 2959
SC-17 Public Key Infrastructure Certificates 3137
SC-18 Mobile Code 5836
SC-19 Voice Over Internet Protocol 2749
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5239
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3170
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3097
SC-23 Session Authenticity 5934
SI-01 System And Information Integrity Policy And Procedures 4577
SI-02 Flaw Remediation 7164
SI-03 Malicious Code Protection 7759
SI-04 Information System Monitoring Tools And Techniques 6358
SI-05 Security Alerts And Advisories 4302
SI-06 Security Functionality Verification 6350
SI-07 Software And Information Integrity 7278
SI-08 Spam Protection 2820
SI-09 Information Input Restrictions 3063
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 7227
SI-11 Error Handling 4500
SI-12 Information Output Handling And Retention 3577