11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 14663
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 39259
13-05 Controls catalog SQL export 5097
AC-01 Access Control Policies and Procedures 25780
AC-02 Account Management 14512
AC-03 Access Enforcement 17065
AC-04 Information Flow Enforcement 15937
AC-05 Separation Of Duties 9687
AC-06 Least Privilege 9359
AC-07 Unsuccessful Login Attempts 8750
AC-08 System Use Notification 7240
AC-09 Previous Logon Notification 7388
AC-10 Concurrent Session Control 6919
AC-11 Session Lock 7839
AC-12 Session Termination 7427
AC-13 Supervision And Review -- Access Control 5775
AC-14 Permitted Actions Without Identification Or Authentication 5653
AC-15 Automated Marking 4557
AC-16 Automated Labeling 4073
AC-17 Remote Access 7936
AC-18 Wireless Access Restrictions 7072
AC-19 Access Control For Portable And Mobile Devices 6952
AC-20 Use Of External Information Systems 6322
AT-01 Security Awareness And Training Policy And Procedures 8625
AT-02 Security Awareness 8193
AT-03 Security Training 7966
AT-04 Security Training Records 5519
AT-05 Contacts With Security Groups And Associations 4397
AU-01 Audit And Accountability Policy And Procedures 8560
AU-02 Auditable Events 11881
AU-03 Content Of Audit Records 6911
AU-04 Audit Storage Capacity 6143
AU-05 Response To Audit Processing Failures 7403
AU-06 Audit Monitoring, Analysis, And Reporting 14595
AU-07 Audit Reduction And Report Generation 7964
AU-08 Time Stamps 5809
AU-09 Protection Of Audit Information 7476
AU-10 Non-Repudiation 8520
AU-11 Audit Record Retention 7911
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 7699
CA-02 Security Assessments 9672
CA-03 Information System Connections 5932
CA-04 Security Certification 7047
CA-05 Plan Of Action And Milestones 5653
CA-06 Security Accreditation 5783
CA-07 Continuous Monitoring 8805
CM-01 Configuration Management Policy And Procedures 8206
CM-02 Baseline Configuration 9590
CM-03 Configuration Change Control 8763
CM-04 Monitoring Configuration Changes 5833
CM-05 Access Restrictions For Change 6836
CM-06 Configuration Settings 7063
CM-07 Least Functionality 9762
CM-08 Information System Component Inventory 7091
CP-01 Contingency Planning Policy And Procedures 6209
CP-02 Contingency Plan 5649
CP-03 Contingency Training 5033
CP-04 Contingency Plan Testing And Exercises 8022
CP-05 Contingency Plan Update 4689
CP-06 Alternate Storage Site 5267
CP-07 Alternate Processing Site 6432
CP-08 Telecommunications Services 3629
CP-09 Information System Backup 7668
CP-10 Information System Recovery And Reconstitution 6887
IA-01 Identification And Authentication Policy And Procedures 8444
IA-02 User Identification And Authentication 12528
IA-03 Device Identification And Authentication 9834
IA-04 Identifier Management 6825
IA-05 Authenticator Management 8455
IA-06 Authenticator Feedback 5882
IA-07 Cryptographic Module Authentication 9046
IR-01 Incident Response Policy And Procedures 6439
IR-02 Incident Response Training 5635
IR-03 Incident Response Testing And Exercises 7789
IR-04 Incident Handling 9717
IR-05 Incident Monitoring 5699
IR-06 Incident Reporting 5869
IR-07 Incident Response Assistance 5691
MA-01 System Maintenance Policy And Procedures 5915
MA-02 Controlled Maintenance 5954
MA-03 Maintenance Tools 5650
MA-04 Remote Maintenance 5911
MA-05 Maintenance Personnel 4702
MA-06 Timely Maintenance 5060
MP-01 Media Protection Policy And Procedures 6087
MP-02 Media Access 5855
MP-03 Media Labeling 4249
MP-04 Media Storage 4488
MP-05 Media Transport 4422
MP-06 Media Sanitization And Disposal 4810
PE-01 Physical And Environmental Protection Policy And Procedures 5331
PE-02 Physical Access Authorizations 4859
PE-03 Physical Access Control 6187
PE-04 Access Control For Transmission Medium 4461
PE-05 Access Control For Display Medium 4316
PE-06 Monitoring Physical Access 5484
PE-07 Visitor Control 3671
PE-08 Access Records 3409
PE-09 Power Equipment And Power Cabling 4463
PE-10 Emergency Shutoff 4322
PE-11 Emergency Power 4098
PE-12 Emergency Lighting 4029
PE-13 Fire Protection 4248
PE-14 Temperature And Humidity Controls 4223
PE-15 Water Damage Protection 4182
PE-16 Delivery And Removal 4078
PE-17 Alternate Work Site 3557
PE-18 Location Of Information System Components 3626
PE-19 Information Leakage 4174
PL-01 Security Planning Policy And Procedures 8046
PL-02 System Security Plan 5363
PL-03 System Security Plan Update 3244
PL-04 Rules Of Behavior 6348
PL-05 Privacy Impact Assessment 4400
PL-06 Security-Related Activity Planning 3600
PS-01 Personnel Security Policy And Procedures 5361
PS-02 Position Categorization 3840
PS-03 Personnel Screening 3731
PS-04 Personnel Termination 3414
PS-05 Personnel Transfer 3335
PS-06 Access Agreements 5483
PS-07 Third-Party Personnel Security 5293
PS-08 Personnel Sanctions 4039
RA-01 Risk Assessment Policy And Procedures 6068
RA-02 Security Categorization 7628
RA-03 Risk Assessment 8017
RA-04 Risk Assessment Update 5464
RA-05 Vulnerability Scanning 8431
SA-01 System And Services Acquisition Policy And Procedures 6880
SA-02 Allocation Of Resources 5860
SA-03 Life Cycle Support 6649
SA-04 Acquisitions 6346
SA-05 Information System Documentation 10711
SA-06 Software Usage Restrictions 5492
SA-07 User Installed Software 5016
SA-08 Security Engineering Principles 9828
SA-09 External Information System Services 6424
SA-10 Developer Configuration Management 5560
SA-11 Developer Security Testing 5450
SC-01 System And Communications Protection Policy And Procedures 6508
SC-02 Application Partitioning 6684
SC-03 Security Function Isolation 8196
SC-04 Information Remnance 9140
SC-05 Denial Of Service Protection 7843
SC-06 Resource Priority 5275
SC-07 Boundary Protection 12439
SC-08 Transmission Integrity 9038
SC-09 Transmission Confidentiality 8793
SC-10 Network Disconnect 5632
SC-11 Trusted Path 6607
SC-12 Cryptographic Key Establishment And Management 7235
SC-13 Use Of Cryptography 7975
SC-14 Public Access Protections 5009
SC-15 Collaborative Computing 6183
SC-16 Transmission Of Security Parameters 3956
SC-17 Public Key Infrastructure Certificates 4213
SC-18 Mobile Code 7813
SC-19 Voice Over Internet Protocol 3698
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 7053
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4363
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4172
SC-23 Session Authenticity 8300
SI-01 System And Information Integrity Policy And Procedures 5906
SI-02 Flaw Remediation 9963
SI-03 Malicious Code Protection 10554
SI-04 Information System Monitoring Tools And Techniques 10334
SI-05 Security Alerts And Advisories 5815
SI-06 Security Functionality Verification 9976
SI-07 Software And Information Integrity 9100
SI-08 Spam Protection 3868
SI-09 Information Input Restrictions 4156
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 9933
SI-11 Error Handling 6070
SI-12 Information Output Handling And Retention 4874