11.02 Control Catalog

Title Hits
13-05 All Controls 9411
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1) 27658
13-05 Controls catalog SQL export 3601
AC-01 Access Control Policies and Procedures 18337
AC-02 Account Management 10063
AC-03 Access Enforcement 10290
AC-04 Information Flow Enforcement 11109
AC-05 Separation Of Duties 6477
AC-06 Least Privilege 6297
AC-07 Unsuccessful Login Attempts 5992
AC-08 System Use Notification 5044
AC-09 Previous Logon Notification 5611
AC-10 Concurrent Session Control 4813
AC-11 Session Lock 5264
AC-12 Session Termination 4808
AC-13 Supervision And Review -- Access Control 4144
AC-14 Permitted Actions Without Identification Or Authentication 3086
AC-15 Automated Marking 3254
AC-16 Automated Labeling 3006
AC-17 Remote Access 5150
AC-18 Wireless Access Restrictions 4708
AC-19 Access Control For Portable And Mobile Devices 4851
AC-20 Use Of External Information Systems 3751
AT-01 Security Awareness And Training Policy And Procedures 5931
AT-02 Security Awareness 5892
AT-03 Security Training 5524
AT-04 Security Training Records 4017
AT-05 Contacts With Security Groups And Associations 2987
AU-01 Audit And Accountability Policy And Procedures 5764
AU-02 Auditable Events 8043
AU-03 Content Of Audit Records 4700
AU-04 Audit Storage Capacity 4271
AU-05 Response To Audit Processing Failures 5043
AU-06 Audit Monitoring, Analysis, And Reporting 10494
AU-07 Audit Reduction And Report Generation 5575
AU-08 Time Stamps 4040
AU-09 Protection Of Audit Information 5138
AU-10 Non-Repudiation 6465
AU-11 Audit Record Retention 6134
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5549
CA-02 Security Assessments 6405
CA-03 Information System Connections 4032
CA-04 Security Certification 5032
CA-05 Plan Of Action And Milestones 4040
CA-06 Security Accreditation 4240
CA-07 Continuous Monitoring 6120
CM-01 Configuration Management Policy And Procedures 6033
CM-02 Baseline Configuration 6803
CM-03 Configuration Change Control 6223
CM-04 Monitoring Configuration Changes 4202
CM-05 Access Restrictions For Change 4933
CM-06 Configuration Settings 4942
CM-07 Least Functionality 6874
CM-08 Information System Component Inventory 4895
CP-01 Contingency Planning Policy And Procedures 4199
CP-02 Contingency Plan 3874
CP-03 Contingency Training 3620
CP-04 Contingency Plan Testing And Exercises 5585
CP-05 Contingency Plan Update 3420
CP-06 Alternate Storage Site 3700
CP-07 Alternate Processing Site 4546
CP-08 Telecommunications Services 2565
CP-09 Information System Backup 5057
CP-10 Information System Recovery And Reconstitution 4724
IA-01 Identification And Authentication Policy And Procedures 5864
IA-02 User Identification And Authentication 8455
IA-03 Device Identification And Authentication 6881
IA-04 Identifier Management 4841
IA-05 Authenticator Management 6119
IA-06 Authenticator Feedback 4111
IA-07 Cryptographic Module Authentication 6349
IR-01 Incident Response Policy And Procedures 4264
IR-02 Incident Response Training 4034
IR-03 Incident Response Testing And Exercises 5957
IR-04 Incident Handling 6840
IR-05 Incident Monitoring 4027
IR-06 Incident Reporting 4240
IR-07 Incident Response Assistance 4100
MA-01 System Maintenance Policy And Procedures 4176
MA-02 Controlled Maintenance 4309
MA-03 Maintenance Tools 3993
MA-04 Remote Maintenance 4086
MA-05 Maintenance Personnel 3430
MA-06 Timely Maintenance 3725
MP-01 Media Protection Policy And Procedures 4472
MP-02 Media Access 4146
MP-03 Media Labeling 3022
MP-04 Media Storage 3232
MP-05 Media Transport 3080
MP-06 Media Sanitization And Disposal 3276
PE-01 Physical And Environmental Protection Policy And Procedures 3814
PE-02 Physical Access Authorizations 3454
PE-03 Physical Access Control 4145
PE-04 Access Control For Transmission Medium 3001
PE-05 Access Control For Display Medium 3130
PE-06 Monitoring Physical Access 3884
PE-07 Visitor Control 2577
PE-08 Access Records 2429
PE-09 Power Equipment And Power Cabling 3232
PE-10 Emergency Shutoff 3098
PE-11 Emergency Power 3018
PE-12 Emergency Lighting 2939
PE-13 Fire Protection 3107
PE-14 Temperature And Humidity Controls 3121
PE-15 Water Damage Protection 3056
PE-16 Delivery And Removal 2986
PE-17 Alternate Work Site 2538
PE-18 Location Of Information System Components 2646
PE-19 Information Leakage 2938
PL-01 Security Planning Policy And Procedures 5768
PL-02 System Security Plan 3789
PL-03 System Security Plan Update 2407
PL-04 Rules Of Behavior 4640
PL-05 Privacy Impact Assessment 2792
PL-06 Security-Related Activity Planning 2581
PS-01 Personnel Security Policy And Procedures 3793
PS-02 Position Categorization 2787
PS-03 Personnel Screening 2612
PS-04 Personnel Termination 2549
PS-05 Personnel Transfer 2497
PS-06 Access Agreements 3962
PS-07 Third-Party Personnel Security 3610
PS-08 Personnel Sanctions 2680
RA-01 Risk Assessment Policy And Procedures 4191
RA-02 Security Categorization 5784
RA-03 Risk Assessment 5403
RA-04 Risk Assessment Update 4068
RA-05 Vulnerability Scanning 5506
SA-01 System And Services Acquisition Policy And Procedures 4791
SA-02 Allocation Of Resources 4382
SA-03 Life Cycle Support 4659
SA-04 Acquisitions 4512
SA-05 Information System Documentation 7587
SA-06 Software Usage Restrictions 3855
SA-07 User Installed Software 3523
SA-08 Security Engineering Principles 7567
SA-09 External Information System Services 4359
SA-10 Developer Configuration Management 3844
SA-11 Developer Security Testing 3925
SC-01 System And Communications Protection Policy And Procedures 4496
SC-02 Application Partitioning 4570
SC-03 Security Function Isolation 5682
SC-04 Information Remnance 6931
SC-05 Denial Of Service Protection 5437
SC-06 Resource Priority 3830
SC-07 Boundary Protection 7938
SC-08 Transmission Integrity 6333
SC-09 Transmission Confidentiality 6008
SC-10 Network Disconnect 4040
SC-11 Trusted Path 4609
SC-12 Cryptographic Key Establishment And Management 4864
SC-13 Use Of Cryptography 5524
SC-14 Public Access Protections 3663
SC-15 Collaborative Computing 4387
SC-16 Transmission Of Security Parameters 2816
SC-17 Public Key Infrastructure Certificates 2980
SC-18 Mobile Code 5578
SC-19 Voice Over Internet Protocol 2656
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 4960
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3026
SC-22 Architecture And Provisioning For Name / Address Resolution Service 2953
SC-23 Session Authenticity 5636
SI-01 System And Information Integrity Policy And Procedures 4421
SI-02 Flaw Remediation 6741
SI-03 Malicious Code Protection 7356
SI-04 Information System Monitoring Tools And Techniques 5882
SI-05 Security Alerts And Advisories 4104
SI-06 Security Functionality Verification 6092
SI-07 Software And Information Integrity 7044
SI-08 Spam Protection 2694
SI-09 Information Input Restrictions 2928
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6709
SI-11 Error Handling 4301
SI-12 Information Output Handling And Retention 3406