11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 10280
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 29586
13-05 Controls catalog SQL export 3809
AC-01 Access Control Policies and Procedures 19674
AC-02 Account Management 10831
AC-03 Access Enforcement 11136
AC-04 Information Flow Enforcement 11857
AC-05 Separation Of Duties 6921
AC-06 Least Privilege 6768
AC-07 Unsuccessful Login Attempts 6411
AC-08 System Use Notification 5427
AC-09 Previous Logon Notification 5853
AC-10 Concurrent Session Control 5109
AC-11 Session Lock 5623
AC-12 Session Termination 5167
AC-13 Supervision And Review -- Access Control 4402
AC-14 Permitted Actions Without Identification Or Authentication 4525
AC-15 Automated Marking 3421
AC-16 Automated Labeling 3152
AC-17 Remote Access 5602
AC-18 Wireless Access Restrictions 5042
AC-19 Access Control For Portable And Mobile Devices 5167
AC-20 Use Of External Information Systems 4062
AT-01 Security Awareness And Training Policy And Procedures 6425
AT-02 Security Awareness 6226
AT-03 Security Training 5914
AT-04 Security Training Records 4246
AT-05 Contacts With Security Groups And Associations 3177
AU-01 Audit And Accountability Policy And Procedures 6192
AU-02 Auditable Events 8652
AU-03 Content Of Audit Records 5019
AU-04 Audit Storage Capacity 4560
AU-05 Response To Audit Processing Failures 5395
AU-06 Audit Monitoring, Analysis, And Reporting 11145
AU-07 Audit Reduction And Report Generation 5984
AU-08 Time Stamps 4294
AU-09 Protection Of Audit Information 5459
AU-10 Non-Repudiation 6801
AU-11 Audit Record Retention 6406
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5910
CA-02 Security Assessments 6974
CA-03 Information System Connections 4305
CA-04 Security Certification 5288
CA-05 Plan Of Action And Milestones 4280
CA-06 Security Accreditation 4447
CA-07 Continuous Monitoring 6550
CM-01 Configuration Management Policy And Procedures 6342
CM-02 Baseline Configuration 7241
CM-03 Configuration Change Control 6632
CM-04 Monitoring Configuration Changes 4398
CM-05 Access Restrictions For Change 5217
CM-06 Configuration Settings 5298
CM-07 Least Functionality 7322
CM-08 Information System Component Inventory 5211
CP-01 Contingency Planning Policy And Procedures 4495
CP-02 Contingency Plan 4156
CP-03 Contingency Training 3827
CP-04 Contingency Plan Testing And Exercises 5931
CP-05 Contingency Plan Update 3581
CP-06 Alternate Storage Site 3875
CP-07 Alternate Processing Site 4807
CP-08 Telecommunications Services 2712
CP-09 Information System Backup 5485
CP-10 Information System Recovery And Reconstitution 5059
IA-01 Identification And Authentication Policy And Procedures 6233
IA-02 User Identification And Authentication 9079
IA-03 Device Identification And Authentication 7341
IA-04 Identifier Management 5148
IA-05 Authenticator Management 6507
IA-06 Authenticator Feedback 4356
IA-07 Cryptographic Module Authentication 6811
IR-01 Incident Response Policy And Procedures 4538
IR-02 Incident Response Training 4297
IR-03 Incident Response Testing And Exercises 6198
IR-04 Incident Handling 7269
IR-05 Incident Monitoring 4245
IR-06 Incident Reporting 4450
IR-07 Incident Response Assistance 4323
MA-01 System Maintenance Policy And Procedures 4472
MA-02 Controlled Maintenance 4563
MA-03 Maintenance Tools 4183
MA-04 Remote Maintenance 4341
MA-05 Maintenance Personnel 3591
MA-06 Timely Maintenance 3894
MP-01 Media Protection Policy And Procedures 4734
MP-02 Media Access 4373
MP-03 Media Labeling 3218
MP-04 Media Storage 3428
MP-05 Media Transport 3299
MP-06 Media Sanitization And Disposal 3495
PE-01 Physical And Environmental Protection Policy And Procedures 4042
PE-02 Physical Access Authorizations 3636
PE-03 Physical Access Control 4471
PE-04 Access Control For Transmission Medium 3205
PE-05 Access Control For Display Medium 3278
PE-06 Monitoring Physical Access 4132
PE-07 Visitor Control 2728
PE-08 Access Records 2537
PE-09 Power Equipment And Power Cabling 3389
PE-10 Emergency Shutoff 3248
PE-11 Emergency Power 3157
PE-12 Emergency Lighting 3072
PE-13 Fire Protection 3243
PE-14 Temperature And Humidity Controls 3263
PE-15 Water Damage Protection 3195
PE-16 Delivery And Removal 3121
PE-17 Alternate Work Site 2682
PE-18 Location Of Information System Components 2778
PE-19 Information Leakage 3099
PL-01 Security Planning Policy And Procedures 6100
PL-02 System Security Plan 3996
PL-03 System Security Plan Update 2531
PL-04 Rules Of Behavior 4867
PL-05 Privacy Impact Assessment 2935
PL-06 Security-Related Activity Planning 2718
PS-01 Personnel Security Policy And Procedures 3991
PS-02 Position Categorization 2926
PS-03 Personnel Screening 2750
PS-04 Personnel Termination 2649
PS-05 Personnel Transfer 2604
PS-06 Access Agreements 4169
PS-07 Third-Party Personnel Security 3854
PS-08 Personnel Sanctions 2829
RA-01 Risk Assessment Policy And Procedures 4416
RA-02 Security Categorization 6075
RA-03 Risk Assessment 5793
RA-04 Risk Assessment Update 4237
RA-05 Vulnerability Scanning 5972
SA-01 System And Services Acquisition Policy And Procedures 5111
SA-02 Allocation Of Resources 4581
SA-03 Life Cycle Support 4967
SA-04 Acquisitions 4790
SA-05 Information System Documentation 8028
SA-06 Software Usage Restrictions 4156
SA-07 User Installed Software 3709
SA-08 Security Engineering Principles 7945
SA-09 External Information System Services 4678
SA-10 Developer Configuration Management 4090
SA-11 Developer Security Testing 4173
SC-01 System And Communications Protection Policy And Procedures 4760
SC-02 Application Partitioning 4843
SC-03 Security Function Isolation 6018
SC-04 Information Remnance 7256
SC-05 Denial Of Service Protection 5799
SC-06 Resource Priority 3997
SC-07 Boundary Protection 8589
SC-08 Transmission Integrity 6759
SC-09 Transmission Confidentiality 6477
SC-10 Network Disconnect 4244
SC-11 Trusted Path 4885
SC-12 Cryptographic Key Establishment And Management 5205
SC-13 Use Of Cryptography 5922
SC-14 Public Access Protections 3849
SC-15 Collaborative Computing 4647
SC-16 Transmission Of Security Parameters 2998
SC-17 Public Key Infrastructure Certificates 3173
SC-18 Mobile Code 5908
SC-19 Voice Over Internet Protocol 2780
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5300
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3208
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3132
SC-23 Session Authenticity 6013
SI-01 System And Information Integrity Policy And Procedures 4624
SI-02 Flaw Remediation 7250
SI-03 Malicious Code Protection 7871
SI-04 Information System Monitoring Tools And Techniques 6472
SI-05 Security Alerts And Advisories 4355
SI-06 Security Functionality Verification 6411
SI-07 Software And Information Integrity 7338
SI-08 Spam Protection 2864
SI-09 Information Input Restrictions 3101
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 7816
SI-11 Error Handling 4565
SI-12 Information Output Handling And Retention 3620