11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 9801
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 28602
13-05 Controls catalog SQL export 3697
AC-01 Access Control Policies and Procedures 18946
AC-02 Account Management 10439
AC-03 Access Enforcement 10709
AC-04 Information Flow Enforcement 11492
AC-05 Separation Of Duties 6696
AC-06 Least Privilege 6523
AC-07 Unsuccessful Login Attempts 6192
AC-08 System Use Notification 5228
AC-09 Previous Logon Notification 5728
AC-10 Concurrent Session Control 4947
AC-11 Session Lock 5425
AC-12 Session Termination 4972
AC-13 Supervision And Review -- Access Control 4269
AC-14 Permitted Actions Without Identification Or Authentication 3684
AC-15 Automated Marking 3332
AC-16 Automated Labeling 3080
AC-17 Remote Access 5376
AC-18 Wireless Access Restrictions 4869
AC-19 Access Control For Portable And Mobile Devices 4995
AC-20 Use Of External Information Systems 3900
AT-01 Security Awareness And Training Policy And Procedures 6149
AT-02 Security Awareness 6060
AT-03 Security Training 5695
AT-04 Security Training Records 4134
AT-05 Contacts With Security Groups And Associations 3075
AU-01 Audit And Accountability Policy And Procedures 5987
AU-02 Auditable Events 8362
AU-03 Content Of Audit Records 4859
AU-04 Audit Storage Capacity 4416
AU-05 Response To Audit Processing Failures 5201
AU-06 Audit Monitoring, Analysis, And Reporting 10813
AU-07 Audit Reduction And Report Generation 5774
AU-08 Time Stamps 4162
AU-09 Protection Of Audit Information 5300
AU-10 Non-Repudiation 6644
AU-11 Audit Record Retention 6272
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5737
CA-02 Security Assessments 6700
CA-03 Information System Connections 4165
CA-04 Security Certification 5159
CA-05 Plan Of Action And Milestones 4163
CA-06 Security Accreditation 4347
CA-07 Continuous Monitoring 6354
CM-01 Configuration Management Policy And Procedures 6182
CM-02 Baseline Configuration 7028
CM-03 Configuration Change Control 6440
CM-04 Monitoring Configuration Changes 4295
CM-05 Access Restrictions For Change 5080
CM-06 Configuration Settings 5118
CM-07 Least Functionality 7098
CM-08 Information System Component Inventory 5045
CP-01 Contingency Planning Policy And Procedures 4348
CP-02 Contingency Plan 4029
CP-03 Contingency Training 3712
CP-04 Contingency Plan Testing And Exercises 5743
CP-05 Contingency Plan Update 3492
CP-06 Alternate Storage Site 3785
CP-07 Alternate Processing Site 4663
CP-08 Telecommunications Services 2631
CP-09 Information System Backup 5281
CP-10 Information System Recovery And Reconstitution 4906
IA-01 Identification And Authentication Policy And Procedures 6047
IA-02 User Identification And Authentication 8769
IA-03 Device Identification And Authentication 7129
IA-04 Identifier Management 4985
IA-05 Authenticator Management 6299
IA-06 Authenticator Feedback 4244
IA-07 Cryptographic Module Authentication 6576
IR-01 Incident Response Policy And Procedures 4400
IR-02 Incident Response Training 4151
IR-03 Incident Response Testing And Exercises 6082
IR-04 Incident Handling 7053
IR-05 Incident Monitoring 4122
IR-06 Incident Reporting 4341
IR-07 Incident Response Assistance 4208
MA-01 System Maintenance Policy And Procedures 4330
MA-02 Controlled Maintenance 4434
MA-03 Maintenance Tools 4092
MA-04 Remote Maintenance 4228
MA-05 Maintenance Personnel 3504
MA-06 Timely Maintenance 3795
MP-01 Media Protection Policy And Procedures 4615
MP-02 Media Access 4244
MP-03 Media Labeling 3120
MP-04 Media Storage 3326
MP-05 Media Transport 3210
MP-06 Media Sanitization And Disposal 3376
PE-01 Physical And Environmental Protection Policy And Procedures 3942
PE-02 Physical Access Authorizations 3541
PE-03 Physical Access Control 4300
PE-04 Access Control For Transmission Medium 3112
PE-05 Access Control For Display Medium 3189
PE-06 Monitoring Physical Access 4008
PE-07 Visitor Control 2646
PE-08 Access Records 2476
PE-09 Power Equipment And Power Cabling 3303
PE-10 Emergency Shutoff 3171
PE-11 Emergency Power 3082
PE-12 Emergency Lighting 3003
PE-13 Fire Protection 3163
PE-14 Temperature And Humidity Controls 3192
PE-15 Water Damage Protection 3115
PE-16 Delivery And Removal 3046
PE-17 Alternate Work Site 2606
PE-18 Location Of Information System Components 2712
PE-19 Information Leakage 3015
PL-01 Security Planning Policy And Procedures 5923
PL-02 System Security Plan 3888
PL-03 System Security Plan Update 2468
PL-04 Rules Of Behavior 4750
PL-05 Privacy Impact Assessment 2859
PL-06 Security-Related Activity Planning 2649
PS-01 Personnel Security Policy And Procedures 3883
PS-02 Position Categorization 2848
PS-03 Personnel Screening 2663
PS-04 Personnel Termination 2587
PS-05 Personnel Transfer 2540
PS-06 Access Agreements 4056
PS-07 Third-Party Personnel Security 3726
PS-08 Personnel Sanctions 2750
RA-01 Risk Assessment Policy And Procedures 4297
RA-02 Security Categorization 5937
RA-03 Risk Assessment 5586
RA-04 Risk Assessment Update 4136
RA-05 Vulnerability Scanning 5748
SA-01 System And Services Acquisition Policy And Procedures 4953
SA-02 Allocation Of Resources 4478
SA-03 Life Cycle Support 4796
SA-04 Acquisitions 4648
SA-05 Information System Documentation 7821
SA-06 Software Usage Restrictions 3974
SA-07 User Installed Software 3611
SA-08 Security Engineering Principles 7738
SA-09 External Information System Services 4531
SA-10 Developer Configuration Management 3959
SA-11 Developer Security Testing 4062
SC-01 System And Communications Protection Policy And Procedures 4639
SC-02 Application Partitioning 4707
SC-03 Security Function Isolation 5838
SC-04 Information Remnance 7106
SC-05 Denial Of Service Protection 5597
SC-06 Resource Priority 3909
SC-07 Boundary Protection 8282
SC-08 Transmission Integrity 6541
SC-09 Transmission Confidentiality 6243
SC-10 Network Disconnect 4137
SC-11 Trusted Path 4729
SC-12 Cryptographic Key Establishment And Management 5043
SC-13 Use Of Cryptography 5732
SC-14 Public Access Protections 3743
SC-15 Collaborative Computing 4521
SC-16 Transmission Of Security Parameters 2910
SC-17 Public Key Infrastructure Certificates 3075
SC-18 Mobile Code 5751
SC-19 Voice Over Internet Protocol 2708
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5114
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3115
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3047
SC-23 Session Authenticity 5816
SI-01 System And Information Integrity Policy And Procedures 4517
SI-02 Flaw Remediation 7000
SI-03 Malicious Code Protection 7601
SI-04 Information System Monitoring Tools And Techniques 6147
SI-05 Security Alerts And Advisories 4214
SI-06 Security Functionality Verification 6261
SI-07 Software And Information Integrity 7181
SI-08 Spam Protection 2769
SI-09 Information Input Restrictions 3007
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6875
SI-11 Error Handling 4427
SI-12 Information Output Handling And Retention 3510