11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 8988
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 26862
13-05 Controls catalog SQL export 3495
AC-01 Access Control Policies and Procedures 17446
AC-02 Account Management 9742
AC-03 Access Enforcement 10000
AC-04 Information Flow Enforcement 10794
AC-05 Separation Of Duties 6320
AC-06 Least Privilege 6132
AC-07 Unsuccessful Login Attempts 5817
AC-08 System Use Notification 4924
AC-09 Previous Logon Notification 5521
AC-10 Concurrent Session Control 4686
AC-11 Session Lock 5142
AC-12 Session Termination 4669
AC-13 Supervision And Review -- Access Control 4045
AC-14 Permitted Actions Without Identification Or Authentication 3015
AC-15 Automated Marking 3167
AC-16 Automated Labeling 2938
AC-17 Remote Access 5007
AC-18 Wireless Access Restrictions 4572
AC-19 Access Control For Portable And Mobile Devices 4737
AC-20 Use Of External Information Systems 3628
AT-01 Security Awareness And Training Policy And Procedures 5806
AT-02 Security Awareness 5731
AT-03 Security Training 5386
AT-04 Security Training Records 3915
AT-05 Contacts With Security Groups And Associations 2901
AU-01 Audit And Accountability Policy And Procedures 5636
AU-02 Auditable Events 7828
AU-03 Content Of Audit Records 4584
AU-04 Audit Storage Capacity 4172
AU-05 Response To Audit Processing Failures 4927
AU-06 Audit Monitoring, Analysis, And Reporting 10230
AU-07 Audit Reduction And Report Generation 5430
AU-08 Time Stamps 3921
AU-09 Protection Of Audit Information 5009
AU-10 Non-Repudiation 6339
AU-11 Audit Record Retention 6019
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5421
CA-02 Security Assessments 6212
CA-03 Information System Connections 3923
CA-04 Security Certification 4924
CA-05 Plan Of Action And Milestones 3949
CA-06 Security Accreditation 4144
CA-07 Continuous Monitoring 5951
CM-01 Configuration Management Policy And Procedures 5909
CM-02 Baseline Configuration 6653
CM-03 Configuration Change Control 6032
CM-04 Monitoring Configuration Changes 4121
CM-05 Access Restrictions For Change 4810
CM-06 Configuration Settings 4800
CM-07 Least Functionality 6722
CM-08 Information System Component Inventory 4782
CP-01 Contingency Planning Policy And Procedures 4112
CP-02 Contingency Plan 3787
CP-03 Contingency Training 3546
CP-04 Contingency Plan Testing And Exercises 5451
CP-05 Contingency Plan Update 3353
CP-06 Alternate Storage Site 3631
CP-07 Alternate Processing Site 4444
CP-08 Telecommunications Services 2513
CP-09 Information System Backup 4912
CP-10 Information System Recovery And Reconstitution 4579
IA-01 Identification And Authentication Policy And Procedures 5730
IA-02 User Identification And Authentication 8192
IA-03 Device Identification And Authentication 6708
IA-04 Identifier Management 4707
IA-05 Authenticator Management 5940
IA-06 Authenticator Feedback 4003
IA-07 Cryptographic Module Authentication 6156
IR-01 Incident Response Policy And Procedures 4160
IR-02 Incident Response Training 3943
IR-03 Incident Response Testing And Exercises 5871
IR-04 Incident Handling 6657
IR-05 Incident Monitoring 3938
IR-06 Incident Reporting 4151
IR-07 Incident Response Assistance 4004
MA-01 System Maintenance Policy And Procedures 4029
MA-02 Controlled Maintenance 4198
MA-03 Maintenance Tools 3912
MA-04 Remote Maintenance 3991
MA-05 Maintenance Personnel 3348
MA-06 Timely Maintenance 3663
MP-01 Media Protection Policy And Procedures 4378
MP-02 Media Access 4050
MP-03 Media Labeling 2945
MP-04 Media Storage 3155
MP-05 Media Transport 2999
MP-06 Media Sanitization And Disposal 3188
PE-01 Physical And Environmental Protection Policy And Procedures 3712
PE-02 Physical Access Authorizations 3359
PE-03 Physical Access Control 4014
PE-04 Access Control For Transmission Medium 2911
PE-05 Access Control For Display Medium 3066
PE-06 Monitoring Physical Access 3785
PE-07 Visitor Control 2507
PE-08 Access Records 2383
PE-09 Power Equipment And Power Cabling 3163
PE-10 Emergency Shutoff 3026
PE-11 Emergency Power 2951
PE-12 Emergency Lighting 2878
PE-13 Fire Protection 3031
PE-14 Temperature And Humidity Controls 3053
PE-15 Water Damage Protection 2990
PE-16 Delivery And Removal 2932
PE-17 Alternate Work Site 2474
PE-18 Location Of Information System Components 2595
PE-19 Information Leakage 2875
PL-01 Security Planning Policy And Procedures 5632
PL-02 System Security Plan 3715
PL-03 System Security Plan Update 2352
PL-04 Rules Of Behavior 4539
PL-05 Privacy Impact Assessment 2727
PL-06 Security-Related Activity Planning 2520
PS-01 Personnel Security Policy And Procedures 3722
PS-02 Position Categorization 2717
PS-03 Personnel Screening 2554
PS-04 Personnel Termination 2497
PS-05 Personnel Transfer 2459
PS-06 Access Agreements 3866
PS-07 Third-Party Personnel Security 3512
PS-08 Personnel Sanctions 2619
RA-01 Risk Assessment Policy And Procedures 4099
RA-02 Security Categorization 5680
RA-03 Risk Assessment 5261
RA-04 Risk Assessment Update 3987
RA-05 Vulnerability Scanning 5354
SA-01 System And Services Acquisition Policy And Procedures 4664
SA-02 Allocation Of Resources 4293
SA-03 Life Cycle Support 4534
SA-04 Acquisitions 4377
SA-05 Information System Documentation 7409
SA-06 Software Usage Restrictions 3760
SA-07 User Installed Software 3427
SA-08 Security Engineering Principles 7429
SA-09 External Information System Services 4248
SA-10 Developer Configuration Management 3737
SA-11 Developer Security Testing 3841
SC-01 System And Communications Protection Policy And Procedures 4400
SC-02 Application Partitioning 4440
SC-03 Security Function Isolation 5532
SC-04 Information Remnance 6796
SC-05 Denial Of Service Protection 5320
SC-06 Resource Priority 3749
SC-07 Boundary Protection 7669
SC-08 Transmission Integrity 6195
SC-09 Transmission Confidentiality 5840
SC-10 Network Disconnect 3957
SC-11 Trusted Path 4506
SC-12 Cryptographic Key Establishment And Management 4727
SC-13 Use Of Cryptography 5380
SC-14 Public Access Protections 3591
SC-15 Collaborative Computing 4281
SC-16 Transmission Of Security Parameters 2734
SC-17 Public Key Infrastructure Certificates 2893
SC-18 Mobile Code 5425
SC-19 Voice Over Internet Protocol 2590
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 4820
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 2950
SC-22 Architecture And Provisioning For Name / Address Resolution Service 2877
SC-23 Session Authenticity 5487
SI-01 System And Information Integrity Policy And Procedures 4351
SI-02 Flaw Remediation 6524
SI-03 Malicious Code Protection 7158
SI-04 Information System Monitoring Tools And Techniques 5676
SI-05 Security Alerts And Advisories 4010
SI-06 Security Functionality Verification 5957
SI-07 Software And Information Integrity 6912
SI-08 Spam Protection 2613
SI-09 Information Input Restrictions 2844
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6576
SI-11 Error Handling 4189
SI-12 Information Output Handling And Retention 3327