11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 14410
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 38636
13-05 Controls catalog SQL export 5022
AC-01 Access Control Policies and Procedures 25418
AC-02 Account Management 14284
AC-03 Access Enforcement 16812
AC-04 Information Flow Enforcement 15666
AC-05 Separation Of Duties 9545
AC-06 Least Privilege 9188
AC-07 Unsuccessful Login Attempts 8589
AC-08 System Use Notification 7110
AC-09 Previous Logon Notification 7295
AC-10 Concurrent Session Control 6789
AC-11 Session Lock 7691
AC-12 Session Termination 7296
AC-13 Supervision And Review -- Access Control 5690
AC-14 Permitted Actions Without Identification Or Authentication 5590
AC-15 Automated Marking 4497
AC-16 Automated Labeling 4010
AC-17 Remote Access 7794
AC-18 Wireless Access Restrictions 6928
AC-19 Access Control For Portable And Mobile Devices 6834
AC-20 Use Of External Information Systems 6189
AT-01 Security Awareness And Training Policy And Procedures 8485
AT-02 Security Awareness 8073
AT-03 Security Training 7828
AT-04 Security Training Records 5456
AT-05 Contacts With Security Groups And Associations 4330
AU-01 Audit And Accountability Policy And Procedures 8407
AU-02 Auditable Events 11675
AU-03 Content Of Audit Records 6803
AU-04 Audit Storage Capacity 6044
AU-05 Response To Audit Processing Failures 7263
AU-06 Audit Monitoring, Analysis, And Reporting 14375
AU-07 Audit Reduction And Report Generation 7845
AU-08 Time Stamps 5709
AU-09 Protection Of Audit Information 7337
AU-10 Non-Repudiation 8411
AU-11 Audit Record Retention 7814
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 7586
CA-02 Security Assessments 9502
CA-03 Information System Connections 5845
CA-04 Security Certification 6930
CA-05 Plan Of Action And Milestones 5572
CA-06 Security Accreditation 5698
CA-07 Continuous Monitoring 8684
CM-01 Configuration Management Policy And Procedures 8099
CM-02 Baseline Configuration 9459
CM-03 Configuration Change Control 8638
CM-04 Monitoring Configuration Changes 5754
CM-05 Access Restrictions For Change 6723
CM-06 Configuration Settings 6946
CM-07 Least Functionality 9622
CM-08 Information System Component Inventory 6980
CP-01 Contingency Planning Policy And Procedures 6120
CP-02 Contingency Plan 5543
CP-03 Contingency Training 4955
CP-04 Contingency Plan Testing And Exercises 7889
CP-05 Contingency Plan Update 4615
CP-06 Alternate Storage Site 5185
CP-07 Alternate Processing Site 6318
CP-08 Telecommunications Services 3583
CP-09 Information System Backup 7532
CP-10 Information System Recovery And Reconstitution 6755
IA-01 Identification And Authentication Policy And Procedures 8301
IA-02 User Identification And Authentication 12330
IA-03 Device Identification And Authentication 9685
IA-04 Identifier Management 6705
IA-05 Authenticator Management 8336
IA-06 Authenticator Feedback 5786
IA-07 Cryptographic Module Authentication 8921
IR-01 Incident Response Policy And Procedures 6310
IR-02 Incident Response Training 5561
IR-03 Incident Response Testing And Exercises 7693
IR-04 Incident Handling 9567
IR-05 Incident Monitoring 5608
IR-06 Incident Reporting 5803
IR-07 Incident Response Assistance 5593
MA-01 System Maintenance Policy And Procedures 5829
MA-02 Controlled Maintenance 5864
MA-03 Maintenance Tools 5539
MA-04 Remote Maintenance 5797
MA-05 Maintenance Personnel 4626
MA-06 Timely Maintenance 4981
MP-01 Media Protection Policy And Procedures 5993
MP-02 Media Access 5772
MP-03 Media Labeling 4187
MP-04 Media Storage 4424
MP-05 Media Transport 4347
MP-06 Media Sanitization And Disposal 4746
PE-01 Physical And Environmental Protection Policy And Procedures 5251
PE-02 Physical Access Authorizations 4783
PE-03 Physical Access Control 6081
PE-04 Access Control For Transmission Medium 4382
PE-05 Access Control For Display Medium 4243
PE-06 Monitoring Physical Access 5398
PE-07 Visitor Control 3618
PE-08 Access Records 3358
PE-09 Power Equipment And Power Cabling 4398
PE-10 Emergency Shutoff 4259
PE-11 Emergency Power 4030
PE-12 Emergency Lighting 3962
PE-13 Fire Protection 4185
PE-14 Temperature And Humidity Controls 4164
PE-15 Water Damage Protection 4114
PE-16 Delivery And Removal 4021
PE-17 Alternate Work Site 3504
PE-18 Location Of Information System Components 3575
PE-19 Information Leakage 4126
PL-01 Security Planning Policy And Procedures 7927
PL-02 System Security Plan 5277
PL-03 System Security Plan Update 3199
PL-04 Rules Of Behavior 6232
PL-05 Privacy Impact Assessment 4352
PL-06 Security-Related Activity Planning 3546
PS-01 Personnel Security Policy And Procedures 5273
PS-02 Position Categorization 3773
PS-03 Personnel Screening 3674
PS-04 Personnel Termination 3369
PS-05 Personnel Transfer 3295
PS-06 Access Agreements 5409
PS-07 Third-Party Personnel Security 5222
PS-08 Personnel Sanctions 3967
RA-01 Risk Assessment Policy And Procedures 5966
RA-02 Security Categorization 7533
RA-03 Risk Assessment 7888
RA-04 Risk Assessment Update 5385
RA-05 Vulnerability Scanning 8287
SA-01 System And Services Acquisition Policy And Procedures 6760
SA-02 Allocation Of Resources 5779
SA-03 Life Cycle Support 6543
SA-04 Acquisitions 6243
SA-05 Information System Documentation 10541
SA-06 Software Usage Restrictions 5408
SA-07 User Installed Software 4931
SA-08 Security Engineering Principles 9703
SA-09 External Information System Services 6322
SA-10 Developer Configuration Management 5457
SA-11 Developer Security Testing 5381
SC-01 System And Communications Protection Policy And Procedures 6404
SC-02 Application Partitioning 6564
SC-03 Security Function Isolation 8062
SC-04 Information Remnance 9034
SC-05 Denial Of Service Protection 7710
SC-06 Resource Priority 5193
SC-07 Boundary Protection 12187
SC-08 Transmission Integrity 8894
SC-09 Transmission Confidentiality 8655
SC-10 Network Disconnect 5539
SC-11 Trusted Path 6497
SC-12 Cryptographic Key Establishment And Management 7102
SC-13 Use Of Cryptography 7849
SC-14 Public Access Protections 4930
SC-15 Collaborative Computing 6091
SC-16 Transmission Of Security Parameters 3914
SC-17 Public Key Infrastructure Certificates 4131
SC-18 Mobile Code 7704
SC-19 Voice Over Internet Protocol 3647
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 6926
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4294
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4110
SC-23 Session Authenticity 8163
SI-01 System And Information Integrity Policy And Procedures 5849
SI-02 Flaw Remediation 9766
SI-03 Malicious Code Protection 10408
SI-04 Information System Monitoring Tools And Techniques 10104
SI-05 Security Alerts And Advisories 5728
SI-06 Security Functionality Verification 9844
SI-07 Software And Information Integrity 8982
SI-08 Spam Protection 3800
SI-09 Information Input Restrictions 4097
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 9831
SI-11 Error Handling 5989
SI-12 Information Output Handling And Retention 4798