11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 12994
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 35565
13-05 Controls catalog SQL export 4542
AC-01 Access Control Policies and Procedures 23425
AC-02 Account Management 13022
AC-03 Access Enforcement 15376
AC-04 Information Flow Enforcement 14270
AC-05 Separation Of Duties 8696
AC-06 Least Privilege 8290
AC-07 Unsuccessful Login Attempts 7734
AC-08 System Use Notification 6454
AC-09 Previous Logon Notification 6729
AC-10 Concurrent Session Control 6126
AC-11 Session Lock 6918
AC-12 Session Termination 6492
AC-13 Supervision And Review -- Access Control 5220
AC-14 Permitted Actions Without Identification Or Authentication 5139
AC-15 Automated Marking 4009
AC-16 Automated Labeling 3646
AC-17 Remote Access 7051
AC-18 Wireless Access Restrictions 6119
AC-19 Access Control For Portable And Mobile Devices 6168
AC-20 Use Of External Information Systems 5465
AT-01 Security Awareness And Training Policy And Procedures 7663
AT-02 Security Awareness 7369
AT-03 Security Training 7108
AT-04 Security Training Records 4937
AT-05 Contacts With Security Groups And Associations 3912
AU-01 Audit And Accountability Policy And Procedures 7531
AU-02 Auditable Events 10575
AU-03 Content Of Audit Records 6121
AU-04 Audit Storage Capacity 5427
AU-05 Response To Audit Processing Failures 6553
AU-06 Audit Monitoring, Analysis, And Reporting 13028
AU-07 Audit Reduction And Report Generation 7147
AU-08 Time Stamps 5104
AU-09 Protection Of Audit Information 6538
AU-10 Non-Repudiation 7755
AU-11 Audit Record Retention 7227
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6941
CA-02 Security Assessments 8586
CA-03 Information System Connections 5313
CA-04 Security Certification 6264
CA-05 Plan Of Action And Milestones 5042
CA-06 Security Accreditation 5171
CA-07 Continuous Monitoring 7852
CM-01 Configuration Management Policy And Procedures 7435
CM-02 Baseline Configuration 8657
CM-03 Configuration Change Control 7842
CM-04 Monitoring Configuration Changes 5132
CM-05 Access Restrictions For Change 6083
CM-06 Configuration Settings 6294
CM-07 Least Functionality 8721
CM-08 Information System Component Inventory 6291
CP-01 Contingency Planning Policy And Procedures 5524
CP-02 Contingency Plan 4975
CP-03 Contingency Training 4475
CP-04 Contingency Plan Testing And Exercises 7109
CP-05 Contingency Plan Update 4163
CP-06 Alternate Storage Site 4659
CP-07 Alternate Processing Site 5697
CP-08 Telecommunications Services 3239
CP-09 Information System Backup 6741
CP-10 Information System Recovery And Reconstitution 6031
IA-01 Identification And Authentication Policy And Procedures 7512
IA-02 User Identification And Authentication 11199
IA-03 Device Identification And Authentication 8772
IA-04 Identifier Management 6079
IA-05 Authenticator Management 7676
IA-06 Authenticator Feedback 5207
IA-07 Cryptographic Module Authentication 8101
IR-01 Incident Response Policy And Procedures 5558
IR-02 Incident Response Training 5028
IR-03 Incident Response Testing And Exercises 7078
IR-04 Incident Handling 8480
IR-05 Incident Monitoring 5006
IR-06 Incident Reporting 5172
IR-07 Incident Response Assistance 5060
MA-01 System Maintenance Policy And Procedures 5357
MA-02 Controlled Maintenance 5351
MA-03 Maintenance Tools 4965
MA-04 Remote Maintenance 5185
MA-05 Maintenance Personnel 4165
MA-06 Timely Maintenance 4508
MP-01 Media Protection Policy And Procedures 5490
MP-02 Media Access 5213
MP-03 Media Labeling 3760
MP-04 Media Storage 4034
MP-05 Media Transport 3920
MP-06 Media Sanitization And Disposal 4307
PE-01 Physical And Environmental Protection Policy And Procedures 4782
PE-02 Physical Access Authorizations 4306
PE-03 Physical Access Control 5393
PE-04 Access Control For Transmission Medium 3935
PE-05 Access Control For Display Medium 3827
PE-06 Monitoring Physical Access 4863
PE-07 Visitor Control 3253
PE-08 Access Records 3025
PE-09 Power Equipment And Power Cabling 3954
PE-10 Emergency Shutoff 3840
PE-11 Emergency Power 3614
PE-12 Emergency Lighting 3559
PE-13 Fire Protection 3799
PE-14 Temperature And Humidity Controls 3766
PE-15 Water Damage Protection 3730
PE-16 Delivery And Removal 3624
PE-17 Alternate Work Site 3199
PE-18 Location Of Information System Components 3230
PE-19 Information Leakage 3739
PL-01 Security Planning Policy And Procedures 7246
PL-02 System Security Plan 4755
PL-03 System Security Plan Update 2923
PL-04 Rules Of Behavior 5620
PL-05 Privacy Impact Assessment 4000
PL-06 Security-Related Activity Planning 3231
PS-01 Personnel Security Policy And Procedures 4759
PS-02 Position Categorization 3425
PS-03 Personnel Screening 3294
PS-04 Personnel Termination 3060
PS-05 Personnel Transfer 2991
PS-06 Access Agreements 4857
PS-07 Third-Party Personnel Security 4738
PS-08 Personnel Sanctions 3515
RA-01 Risk Assessment Policy And Procedures 5329
RA-02 Security Categorization 6936
RA-03 Risk Assessment 7040
RA-04 Risk Assessment Update 4901
RA-05 Vulnerability Scanning 7372
SA-01 System And Services Acquisition Policy And Procedures 6170
SA-02 Allocation Of Resources 5286
SA-03 Life Cycle Support 5919
SA-04 Acquisitions 5655
SA-05 Information System Documentation 9445
SA-06 Software Usage Restrictions 4858
SA-07 User Installed Software 4386
SA-08 Security Engineering Principles 8971
SA-09 External Information System Services 5730
SA-10 Developer Configuration Management 4926
SA-11 Developer Security Testing 4955
SC-01 System And Communications Protection Policy And Procedures 5796
SC-02 Application Partitioning 5901
SC-03 Security Function Isolation 7298
SC-04 Information Remnance 8327
SC-05 Denial Of Service Protection 6955
SC-06 Resource Priority 4680
SC-07 Boundary Protection 10962
SC-08 Transmission Integrity 8099
SC-09 Transmission Confidentiality 7796
SC-10 Network Disconnect 4991
SC-11 Trusted Path 5856
SC-12 Cryptographic Key Establishment And Management 6362
SC-13 Use Of Cryptography 7084
SC-14 Public Access Protections 4469
SC-15 Collaborative Computing 5504
SC-16 Transmission Of Security Parameters 3572
SC-17 Public Key Infrastructure Certificates 3738
SC-18 Mobile Code 6999
SC-19 Voice Over Internet Protocol 3344
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 6276
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3835
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3709
SC-23 Session Authenticity 7372
SI-01 System And Information Integrity Policy And Procedures 5379
SI-02 Flaw Remediation 8811
SI-03 Malicious Code Protection 9396
SI-04 Information System Monitoring Tools And Techniques 8642
SI-05 Security Alerts And Advisories 5158
SI-06 Security Functionality Verification 9098
SI-07 Software And Information Integrity 8296
SI-08 Spam Protection 3419
SI-09 Information Input Restrictions 3702
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 9195
SI-11 Error Handling 5419
SI-12 Information Output Handling And Retention 4324