11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 11198
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 31627
13-05 Controls catalog SQL export 4057
AC-01 Access Control Policies and Procedures 21036
AC-02 Account Management 11546
AC-03 Access Enforcement 13631
AC-04 Information Flow Enforcement 12628
AC-05 Separation Of Duties 7889
AC-06 Least Privilege 7250
AC-07 Unsuccessful Login Attempts 6853
AC-08 System Use Notification 5766
AC-09 Previous Logon Notification 6165
AC-10 Concurrent Session Control 5464
AC-11 Session Lock 6083
AC-12 Session Termination 5558
AC-13 Supervision And Review -- Access Control 4677
AC-14 Permitted Actions Without Identification Or Authentication 4709
AC-15 Automated Marking 3607
AC-16 Automated Labeling 3301
AC-17 Remote Access 6113
AC-18 Wireless Access Restrictions 5390
AC-19 Access Control For Portable And Mobile Devices 5522
AC-20 Use Of External Information Systems 4485
AT-01 Security Awareness And Training Policy And Procedures 6826
AT-02 Security Awareness 6590
AT-03 Security Training 6291
AT-04 Security Training Records 4477
AT-05 Contacts With Security Groups And Associations 3424
AU-01 Audit And Accountability Policy And Procedures 6618
AU-02 Auditable Events 9284
AU-03 Content Of Audit Records 5422
AU-04 Audit Storage Capacity 4858
AU-05 Response To Audit Processing Failures 5770
AU-06 Audit Monitoring, Analysis, And Reporting 11795
AU-07 Audit Reduction And Report Generation 6389
AU-08 Time Stamps 4582
AU-09 Protection Of Audit Information 5839
AU-10 Non-Repudiation 7117
AU-11 Audit Record Retention 6678
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6254
CA-02 Security Assessments 7470
CA-03 Information System Connections 4578
CA-04 Security Certification 5590
CA-05 Plan Of Action And Milestones 4535
CA-06 Security Accreditation 4689
CA-07 Continuous Monitoring 6966
CM-01 Configuration Management Policy And Procedures 6707
CM-02 Baseline Configuration 7761
CM-03 Configuration Change Control 7038
CM-04 Monitoring Configuration Changes 4620
CM-05 Access Restrictions For Change 5493
CM-06 Configuration Settings 5676
CM-07 Least Functionality 7777
CM-08 Information System Component Inventory 5597
CP-01 Contingency Planning Policy And Procedures 4773
CP-02 Contingency Plan 4414
CP-03 Contingency Training 4045
CP-04 Contingency Plan Testing And Exercises 6288
CP-05 Contingency Plan Update 3779
CP-06 Alternate Storage Site 4149
CP-07 Alternate Processing Site 5113
CP-08 Telecommunications Services 2881
CP-09 Information System Backup 5905
CP-10 Information System Recovery And Reconstitution 5382
IA-01 Identification And Authentication Policy And Procedures 6640
IA-02 User Identification And Authentication 9761
IA-03 Device Identification And Authentication 7806
IA-04 Identifier Management 5436
IA-05 Authenticator Management 6878
IA-06 Authenticator Feedback 4603
IA-07 Cryptographic Module Authentication 7245
IR-01 Incident Response Policy And Procedures 4874
IR-02 Incident Response Training 4512
IR-03 Incident Response Testing And Exercises 6484
IR-04 Incident Handling 7671
IR-05 Incident Monitoring 4497
IR-06 Incident Reporting 4728
IR-07 Incident Response Assistance 4559
MA-01 System Maintenance Policy And Procedures 4762
MA-02 Controlled Maintenance 4821
MA-03 Maintenance Tools 4450
MA-04 Remote Maintenance 4587
MA-05 Maintenance Personnel 3794
MA-06 Timely Maintenance 4088
MP-01 Media Protection Policy And Procedures 4998
MP-02 Media Access 4650
MP-03 Media Labeling 3396
MP-04 Media Storage 3646
MP-05 Media Transport 3504
MP-06 Media Sanitization And Disposal 3732
PE-01 Physical And Environmental Protection Policy And Procedures 4259
PE-02 Physical Access Authorizations 3828
PE-03 Physical Access Control 4798
PE-04 Access Control For Transmission Medium 3423
PE-05 Access Control For Display Medium 3461
PE-06 Monitoring Physical Access 4371
PE-07 Visitor Control 2914
PE-08 Access Records 2686
PE-09 Power Equipment And Power Cabling 3572
PE-10 Emergency Shutoff 3453
PE-11 Emergency Power 3308
PE-12 Emergency Lighting 3223
PE-13 Fire Protection 3427
PE-14 Temperature And Humidity Controls 3433
PE-15 Water Damage Protection 3373
PE-16 Delivery And Removal 3267
PE-17 Alternate Work Site 2848
PE-18 Location Of Information System Components 2920
PE-19 Information Leakage 3314
PL-01 Security Planning Policy And Procedures 6467
PL-02 System Security Plan 4243
PL-03 System Security Plan Update 2656
PL-04 Rules Of Behavior 5147
PL-05 Privacy Impact Assessment 3656
PL-06 Security-Related Activity Planning 2870
PS-01 Personnel Security Policy And Procedures 4258
PS-02 Position Categorization 3092
PS-03 Personnel Screening 2937
PS-04 Personnel Termination 2783
PS-05 Personnel Transfer 2722
PS-06 Access Agreements 4400
PS-07 Third-Party Personnel Security 4123
PS-08 Personnel Sanctions 3049
RA-01 Risk Assessment Policy And Procedures 4752
RA-02 Security Categorization 6368
RA-03 Risk Assessment 6194
RA-04 Risk Assessment Update 4439
RA-05 Vulnerability Scanning 6439
SA-01 System And Services Acquisition Policy And Procedures 5468
SA-02 Allocation Of Resources 4796
SA-03 Life Cycle Support 5280
SA-04 Acquisitions 5075
SA-05 Information System Documentation 8502
SA-06 Software Usage Restrictions 4389
SA-07 User Installed Software 3909
SA-08 Security Engineering Principles 8276
SA-09 External Information System Services 4976
SA-10 Developer Configuration Management 4298
SA-11 Developer Security Testing 4433
SC-01 System And Communications Protection Policy And Procedures 5034
SC-02 Application Partitioning 5216
SC-03 Security Function Isolation 6401
SC-04 Information Remnance 7588
SC-05 Denial Of Service Protection 6148
SC-06 Resource Priority 4195
SC-07 Boundary Protection 9397
SC-08 Transmission Integrity 7205
SC-09 Transmission Confidentiality 6931
SC-10 Network Disconnect 4473
SC-11 Trusted Path 5232
SC-12 Cryptographic Key Establishment And Management 5554
SC-13 Use Of Cryptography 6298
SC-14 Public Access Protections 4083
SC-15 Collaborative Computing 4975
SC-16 Transmission Of Security Parameters 3181
SC-17 Public Key Infrastructure Certificates 3352
SC-18 Mobile Code 6272
SC-19 Voice Over Internet Protocol 2980
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5629
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3422
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3307
SC-23 Session Authenticity 6458
SI-01 System And Information Integrity Policy And Procedures 4868
SI-02 Flaw Remediation 7715
SI-03 Malicious Code Protection 8341
SI-04 Information System Monitoring Tools And Techniques 7086
SI-05 Security Alerts And Advisories 4621
SI-06 Security Functionality Verification 8390
SI-07 Software And Information Integrity 7632
SI-08 Spam Protection 3042
SI-09 Information Input Restrictions 3296
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8566
SI-11 Error Handling 4873
SI-12 Information Output Handling And Retention 3858