11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 14263
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 38269
13-05 Controls catalog SQL export 4962
AC-01 Access Control Policies and Procedures 25219
AC-02 Account Management 14149
AC-03 Access Enforcement 16678
AC-04 Information Flow Enforcement 15508
AC-05 Separation Of Duties 9453
AC-06 Least Privilege 9091
AC-07 Unsuccessful Login Attempts 8491
AC-08 System Use Notification 7038
AC-09 Previous Logon Notification 7246
AC-10 Concurrent Session Control 6722
AC-11 Session Lock 7615
AC-12 Session Termination 7227
AC-13 Supervision And Review -- Access Control 5648
AC-14 Permitted Actions Without Identification Or Authentication 5539
AC-15 Automated Marking 4462
AC-16 Automated Labeling 3973
AC-17 Remote Access 7714
AC-18 Wireless Access Restrictions 6847
AC-19 Access Control For Portable And Mobile Devices 6765
AC-20 Use Of External Information Systems 6114
AT-01 Security Awareness And Training Policy And Procedures 8415
AT-02 Security Awareness 8001
AT-03 Security Training 7759
AT-04 Security Training Records 5407
AT-05 Contacts With Security Groups And Associations 4291
AU-01 Audit And Accountability Policy And Procedures 8311
AU-02 Auditable Events 11555
AU-03 Content Of Audit Records 6735
AU-04 Audit Storage Capacity 5988
AU-05 Response To Audit Processing Failures 7193
AU-06 Audit Monitoring, Analysis, And Reporting 14253
AU-07 Audit Reduction And Report Generation 7778
AU-08 Time Stamps 5646
AU-09 Protection Of Audit Information 7262
AU-10 Non-Repudiation 8340
AU-11 Audit Record Retention 7747
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 7526
CA-02 Security Assessments 9408
CA-03 Information System Connections 5794
CA-04 Security Certification 6866
CA-05 Plan Of Action And Milestones 5531
CA-06 Security Accreditation 5644
CA-07 Continuous Monitoring 8621
CM-01 Configuration Management Policy And Procedures 8038
CM-02 Baseline Configuration 9376
CM-03 Configuration Change Control 8563
CM-04 Monitoring Configuration Changes 5703
CM-05 Access Restrictions For Change 6662
CM-06 Configuration Settings 6895
CM-07 Least Functionality 9536
CM-08 Information System Component Inventory 6918
CP-01 Contingency Planning Policy And Procedures 6066
CP-02 Contingency Plan 5493
CP-03 Contingency Training 4918
CP-04 Contingency Plan Testing And Exercises 7800
CP-05 Contingency Plan Update 4569
CP-06 Alternate Storage Site 5139
CP-07 Alternate Processing Site 6264
CP-08 Telecommunications Services 3552
CP-09 Information System Backup 7464
CP-10 Information System Recovery And Reconstitution 6689
IA-01 Identification And Authentication Policy And Procedures 8230
IA-02 User Identification And Authentication 12224
IA-03 Device Identification And Authentication 9607
IA-04 Identifier Management 6632
IA-05 Authenticator Management 8276
IA-06 Authenticator Feedback 5735
IA-07 Cryptographic Module Authentication 8847
IR-01 Incident Response Policy And Procedures 6237
IR-02 Incident Response Training 5520
IR-03 Incident Response Testing And Exercises 7640
IR-04 Incident Handling 9487
IR-05 Incident Monitoring 5555
IR-06 Incident Reporting 5754
IR-07 Incident Response Assistance 5539
MA-01 System Maintenance Policy And Procedures 5791
MA-02 Controlled Maintenance 5822
MA-03 Maintenance Tools 5489
MA-04 Remote Maintenance 5741
MA-05 Maintenance Personnel 4587
MA-06 Timely Maintenance 4936
MP-01 Media Protection Policy And Procedures 5949
MP-02 Media Access 5723
MP-03 Media Labeling 4155
MP-04 Media Storage 4384
MP-05 Media Transport 4315
MP-06 Media Sanitization And Disposal 4704
PE-01 Physical And Environmental Protection Policy And Procedures 5205
PE-02 Physical Access Authorizations 4737
PE-03 Physical Access Control 6017
PE-04 Access Control For Transmission Medium 4339
PE-05 Access Control For Display Medium 4204
PE-06 Monitoring Physical Access 5338
PE-07 Visitor Control 3590
PE-08 Access Records 3334
PE-09 Power Equipment And Power Cabling 4360
PE-10 Emergency Shutoff 4219
PE-11 Emergency Power 3987
PE-12 Emergency Lighting 3923
PE-13 Fire Protection 4152
PE-14 Temperature And Humidity Controls 4126
PE-15 Water Damage Protection 4072
PE-16 Delivery And Removal 3985
PE-17 Alternate Work Site 3480
PE-18 Location Of Information System Components 3540
PE-19 Information Leakage 4098
PL-01 Security Planning Policy And Procedures 7857
PL-02 System Security Plan 5225
PL-03 System Security Plan Update 3174
PL-04 Rules Of Behavior 6181
PL-05 Privacy Impact Assessment 4320
PL-06 Security-Related Activity Planning 3520
PS-01 Personnel Security Policy And Procedures 5221
PS-02 Position Categorization 3744
PS-03 Personnel Screening 3639
PS-04 Personnel Termination 3339
PS-05 Personnel Transfer 3274
PS-06 Access Agreements 5365
PS-07 Third-Party Personnel Security 5175
PS-08 Personnel Sanctions 3928
RA-01 Risk Assessment Policy And Procedures 5915
RA-02 Security Categorization 7473
RA-03 Risk Assessment 7818
RA-04 Risk Assessment Update 5345
RA-05 Vulnerability Scanning 8205
SA-01 System And Services Acquisition Policy And Procedures 6695
SA-02 Allocation Of Resources 5732
SA-03 Life Cycle Support 6492
SA-04 Acquisitions 6192
SA-05 Information System Documentation 10439
SA-06 Software Usage Restrictions 5362
SA-07 User Installed Software 4894
SA-08 Security Engineering Principles 9627
SA-09 External Information System Services 6268
SA-10 Developer Configuration Management 5411
SA-11 Developer Security Testing 5328
SC-01 System And Communications Protection Policy And Procedures 6345
SC-02 Application Partitioning 6491
SC-03 Security Function Isolation 7977
SC-04 Information Remnance 8970
SC-05 Denial Of Service Protection 7637
SC-06 Resource Priority 5141
SC-07 Boundary Protection 12060
SC-08 Transmission Integrity 8812
SC-09 Transmission Confidentiality 8579
SC-10 Network Disconnect 5489
SC-11 Trusted Path 6434
SC-12 Cryptographic Key Establishment And Management 7037
SC-13 Use Of Cryptography 7786
SC-14 Public Access Protections 4883
SC-15 Collaborative Computing 6035
SC-16 Transmission Of Security Parameters 3885
SC-17 Public Key Infrastructure Certificates 4091
SC-18 Mobile Code 7634
SC-19 Voice Over Internet Protocol 3622
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 6871
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4248
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4071
SC-23 Session Authenticity 8069
SI-01 System And Information Integrity Policy And Procedures 5805
SI-02 Flaw Remediation 9658
SI-03 Malicious Code Protection 10309
SI-04 Information System Monitoring Tools And Techniques 9960
SI-05 Security Alerts And Advisories 5677
SI-06 Security Functionality Verification 9767
SI-07 Software And Information Integrity 8936
SI-08 Spam Protection 3767
SI-09 Information Input Restrictions 4058
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 9771
SI-11 Error Handling 5937
SI-12 Information Output Handling And Retention 4751