11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 10938
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 31122
13-05 Controls catalog SQL export 3976
AC-01 Access Control Policies and Procedures 20725
AC-02 Account Management 11393
AC-03 Access Enforcement 13416
AC-04 Information Flow Enforcement 12459
AC-05 Separation Of Duties 7613
AC-06 Least Privilege 7122
AC-07 Unsuccessful Login Attempts 6749
AC-08 System Use Notification 5693
AC-09 Previous Logon Notification 6092
AC-10 Concurrent Session Control 5380
AC-11 Session Lock 5978
AC-12 Session Termination 5454
AC-13 Supervision And Review -- Access Control 4608
AC-14 Permitted Actions Without Identification Or Authentication 4658
AC-15 Automated Marking 3564
AC-16 Automated Labeling 3260
AC-17 Remote Access 5915
AC-18 Wireless Access Restrictions 5307
AC-19 Access Control For Portable And Mobile Devices 5441
AC-20 Use Of External Information Systems 4377
AT-01 Security Awareness And Training Policy And Procedures 6736
AT-02 Security Awareness 6490
AT-03 Security Training 6199
AT-04 Security Training Records 4419
AT-05 Contacts With Security Groups And Associations 3334
AU-01 Audit And Accountability Policy And Procedures 6513
AU-02 Auditable Events 9150
AU-03 Content Of Audit Records 5340
AU-04 Audit Storage Capacity 4788
AU-05 Response To Audit Processing Failures 5675
AU-06 Audit Monitoring, Analysis, And Reporting 11672
AU-07 Audit Reduction And Report Generation 6290
AU-08 Time Stamps 4516
AU-09 Protection Of Audit Information 5751
AU-10 Non-Repudiation 7037
AU-11 Audit Record Retention 6625
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6179
CA-02 Security Assessments 7347
CA-03 Information System Connections 4481
CA-04 Security Certification 5507
CA-05 Plan Of Action And Milestones 4455
CA-06 Security Accreditation 4626
CA-07 Continuous Monitoring 6865
CM-01 Configuration Management Policy And Procedures 6623
CM-02 Baseline Configuration 7634
CM-03 Configuration Change Control 6918
CM-04 Monitoring Configuration Changes 4562
CM-05 Access Restrictions For Change 5429
CM-06 Configuration Settings 5598
CM-07 Least Functionality 7665
CM-08 Information System Component Inventory 5503
CP-01 Contingency Planning Policy And Procedures 4684
CP-02 Contingency Plan 4331
CP-03 Contingency Training 3996
CP-04 Contingency Plan Testing And Exercises 6191
CP-05 Contingency Plan Update 3738
CP-06 Alternate Storage Site 4084
CP-07 Alternate Processing Site 5044
CP-08 Telecommunications Services 2842
CP-09 Information System Backup 5817
CP-10 Information System Recovery And Reconstitution 5311
IA-01 Identification And Authentication Policy And Procedures 6546
IA-02 User Identification And Authentication 9594
IA-03 Device Identification And Authentication 7705
IA-04 Identifier Management 5366
IA-05 Authenticator Management 6784
IA-06 Authenticator Feedback 4548
IA-07 Cryptographic Module Authentication 7144
IR-01 Incident Response Policy And Procedures 4787
IR-02 Incident Response Training 4465
IR-03 Incident Response Testing And Exercises 6416
IR-04 Incident Handling 7601
IR-05 Incident Monitoring 4435
IR-06 Incident Reporting 4669
IR-07 Incident Response Assistance 4508
MA-01 System Maintenance Policy And Procedures 4696
MA-02 Controlled Maintenance 4765
MA-03 Maintenance Tools 4396
MA-04 Remote Maintenance 4527
MA-05 Maintenance Personnel 3750
MA-06 Timely Maintenance 4046
MP-01 Media Protection Policy And Procedures 4942
MP-02 Media Access 4590
MP-03 Media Labeling 3359
MP-04 Media Storage 3606
MP-05 Media Transport 3446
MP-06 Media Sanitization And Disposal 3668
PE-01 Physical And Environmental Protection Policy And Procedures 4200
PE-02 Physical Access Authorizations 3778
PE-03 Physical Access Control 4736
PE-04 Access Control For Transmission Medium 3366
PE-05 Access Control For Display Medium 3417
PE-06 Monitoring Physical Access 4322
PE-07 Visitor Control 2875
PE-08 Access Records 2654
PE-09 Power Equipment And Power Cabling 3537
PE-10 Emergency Shutoff 3404
PE-11 Emergency Power 3274
PE-12 Emergency Lighting 3192
PE-13 Fire Protection 3398
PE-14 Temperature And Humidity Controls 3403
PE-15 Water Damage Protection 3337
PE-16 Delivery And Removal 3239
PE-17 Alternate Work Site 2817
PE-18 Location Of Information System Components 2893
PE-19 Information Leakage 3263
PL-01 Security Planning Policy And Procedures 6362
PL-02 System Security Plan 4189
PL-03 System Security Plan Update 2624
PL-04 Rules Of Behavior 5075
PL-05 Privacy Impact Assessment 3433
PL-06 Security-Related Activity Planning 2836
PS-01 Personnel Security Policy And Procedures 4185
PS-02 Position Categorization 3054
PS-03 Personnel Screening 2888
PS-04 Personnel Termination 2746
PS-05 Personnel Transfer 2697
PS-06 Access Agreements 4350
PS-07 Third-Party Personnel Security 4061
PS-08 Personnel Sanctions 2973
RA-01 Risk Assessment Policy And Procedures 4674
RA-02 Security Categorization 6313
RA-03 Risk Assessment 6110
RA-04 Risk Assessment Update 4394
RA-05 Vulnerability Scanning 6308
SA-01 System And Services Acquisition Policy And Procedures 5385
SA-02 Allocation Of Resources 4742
SA-03 Life Cycle Support 5197
SA-04 Acquisitions 5017
SA-05 Information System Documentation 8399
SA-06 Software Usage Restrictions 4338
SA-07 User Installed Software 3873
SA-08 Security Engineering Principles 8214
SA-09 External Information System Services 4910
SA-10 Developer Configuration Management 4251
SA-11 Developer Security Testing 4371
SC-01 System And Communications Protection Policy And Procedures 4964
SC-02 Application Partitioning 5130
SC-03 Security Function Isolation 6299
SC-04 Information Remnance 7506
SC-05 Denial Of Service Protection 6070
SC-06 Resource Priority 4152
SC-07 Boundary Protection 9177
SC-08 Transmission Integrity 7079
SC-09 Transmission Confidentiality 6832
SC-10 Network Disconnect 4420
SC-11 Trusted Path 5161
SC-12 Cryptographic Key Establishment And Management 5463
SC-13 Use Of Cryptography 6202
SC-14 Public Access Protections 4025
SC-15 Collaborative Computing 4885
SC-16 Transmission Of Security Parameters 3140
SC-17 Public Key Infrastructure Certificates 3312
SC-18 Mobile Code 6175
SC-19 Voice Over Internet Protocol 2939
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5547
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3377
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3262
SC-23 Session Authenticity 6365
SI-01 System And Information Integrity Policy And Procedures 4790
SI-02 Flaw Remediation 7596
SI-03 Malicious Code Protection 8233
SI-04 Information System Monitoring Tools And Techniques 6938
SI-05 Security Alerts And Advisories 4563
SI-06 Security Functionality Verification 8329
SI-07 Software And Information Integrity 7562
SI-08 Spam Protection 3004
SI-09 Information Input Restrictions 3258
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8471
SI-11 Error Handling 4814
SI-12 Information Output Handling And Retention 3803