11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 15201
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 40673
13-05 Controls catalog SQL export 5273
AC-01 Access Control Policies and Procedures 26586
AC-02 Account Management 15069
AC-03 Access Enforcement 17716
AC-04 Information Flow Enforcement 16538
AC-05 Separation Of Duties 10024
AC-06 Least Privilege 9785
AC-07 Unsuccessful Login Attempts 9094
AC-08 System Use Notification 7512
AC-09 Previous Logon Notification 7613
AC-10 Concurrent Session Control 7174
AC-11 Session Lock 8154
AC-12 Session Termination 7699
AC-13 Supervision And Review -- Access Control 5989
AC-14 Permitted Actions Without Identification Or Authentication 5807
AC-15 Automated Marking 4735
AC-16 Automated Labeling 4214
AC-17 Remote Access 8310
AC-18 Wireless Access Restrictions 7390
AC-19 Access Control For Portable And Mobile Devices 7279
AC-20 Use Of External Information Systems 6631
AT-01 Security Awareness And Training Policy And Procedures 8970
AT-02 Security Awareness 8494
AT-03 Security Training 8279
AT-04 Security Training Records 5705
AT-05 Contacts With Security Groups And Associations 4573
AU-01 Audit And Accountability Policy And Procedures 8919
AU-02 Auditable Events 12352
AU-03 Content Of Audit Records 7170
AU-04 Audit Storage Capacity 6358
AU-05 Response To Audit Processing Failures 7727
AU-06 Audit Monitoring, Analysis, And Reporting 15074
AU-07 Audit Reduction And Report Generation 8261
AU-08 Time Stamps 6041
AU-09 Protection Of Audit Information 7767
AU-10 Non-Repudiation 8773
AU-11 Audit Record Retention 8137
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 7992
CA-02 Security Assessments 10067
CA-03 Information System Connections 6164
CA-04 Security Certification 7320
CA-05 Plan Of Action And Milestones 5867
CA-06 Security Accreditation 6016
CA-07 Continuous Monitoring 9275
CM-01 Configuration Management Policy And Procedures 8484
CM-02 Baseline Configuration 9955
CM-03 Configuration Change Control 9083
CM-04 Monitoring Configuration Changes 6065
CM-05 Access Restrictions For Change 7132
CM-06 Configuration Settings 7309
CM-07 Least Functionality 10169
CM-08 Information System Component Inventory 7366
CP-01 Contingency Planning Policy And Procedures 6460
CP-02 Contingency Plan 5897
CP-03 Contingency Training 5210
CP-04 Contingency Plan Testing And Exercises 8328
CP-05 Contingency Plan Update 4862
CP-06 Alternate Storage Site 5450
CP-07 Alternate Processing Site 6695
CP-08 Telecommunications Services 3755
CP-09 Information System Backup 7978
CP-10 Information System Recovery And Reconstitution 7175
IA-01 Identification And Authentication Policy And Procedures 8795
IA-02 User Identification And Authentication 12990
IA-03 Device Identification And Authentication 10216
IA-04 Identifier Management 7115
IA-05 Authenticator Management 8953
IA-06 Authenticator Feedback 6087
IA-07 Cryptographic Module Authentication 9399
IR-01 Incident Response Policy And Procedures 6717
IR-02 Incident Response Training 5852
IR-03 Incident Response Testing And Exercises 8027
IR-04 Incident Handling 10093
IR-05 Incident Monitoring 5927
IR-06 Incident Reporting 6074
IR-07 Incident Response Assistance 5917
MA-01 System Maintenance Policy And Procedures 6137
MA-02 Controlled Maintenance 6154
MA-03 Maintenance Tools 5859
MA-04 Remote Maintenance 6163
MA-05 Maintenance Personnel 4867
MA-06 Timely Maintenance 5279
MP-01 Media Protection Policy And Procedures 6305
MP-02 Media Access 6048
MP-03 Media Labeling 4404
MP-04 Media Storage 4647
MP-05 Media Transport 4599
MP-06 Media Sanitization And Disposal 4989
PE-01 Physical And Environmental Protection Policy And Procedures 5542
PE-02 Physical Access Authorizations 5037
PE-03 Physical Access Control 6437
PE-04 Access Control For Transmission Medium 4658
PE-05 Access Control For Display Medium 4477
PE-06 Monitoring Physical Access 5706
PE-07 Visitor Control 3829
PE-08 Access Records 3539
PE-09 Power Equipment And Power Cabling 4634
PE-10 Emergency Shutoff 4488
PE-11 Emergency Power 4249
PE-12 Emergency Lighting 4182
PE-13 Fire Protection 4417
PE-14 Temperature And Humidity Controls 4372
PE-15 Water Damage Protection 4348
PE-16 Delivery And Removal 4254
PE-17 Alternate Work Site 3694
PE-18 Location Of Information System Components 3765
PE-19 Information Leakage 4326
PL-01 Security Planning Policy And Procedures 8310
PL-02 System Security Plan 5570
PL-03 System Security Plan Update 3357
PL-04 Rules Of Behavior 6586
PL-05 Privacy Impact Assessment 4539
PL-06 Security-Related Activity Planning 3737
PS-01 Personnel Security Policy And Procedures 5557
PS-02 Position Categorization 4017
PS-03 Personnel Screening 3877
PS-04 Personnel Termination 3538
PS-05 Personnel Transfer 3446
PS-06 Access Agreements 5703
PS-07 Third-Party Personnel Security 5494
PS-08 Personnel Sanctions 4210
RA-01 Risk Assessment Policy And Procedures 6282
RA-02 Security Categorization 7911
RA-03 Risk Assessment 8376
RA-04 Risk Assessment Update 5659
RA-05 Vulnerability Scanning 8835
SA-01 System And Services Acquisition Policy And Procedures 7152
SA-02 Allocation Of Resources 6083
SA-03 Life Cycle Support 6918
SA-04 Acquisitions 6611
SA-05 Information System Documentation 11130
SA-06 Software Usage Restrictions 5683
SA-07 User Installed Software 5244
SA-08 Security Engineering Principles 10137
SA-09 External Information System Services 6680
SA-10 Developer Configuration Management 5777
SA-11 Developer Security Testing 5649
SC-01 System And Communications Protection Policy And Procedures 6736
SC-02 Application Partitioning 6986
SC-03 Security Function Isolation 8521
SC-04 Information Remnance 9415
SC-05 Denial Of Service Protection 8160
SC-06 Resource Priority 5466
SC-07 Boundary Protection 12999
SC-08 Transmission Integrity 9410
SC-09 Transmission Confidentiality 9145
SC-10 Network Disconnect 5903
SC-11 Trusted Path 6875
SC-12 Cryptographic Key Establishment And Management 7542
SC-13 Use Of Cryptography 8301
SC-14 Public Access Protections 5175
SC-15 Collaborative Computing 6419
SC-16 Transmission Of Security Parameters 4087
SC-17 Public Key Infrastructure Certificates 4375
SC-18 Mobile Code 8098
SC-19 Voice Over Internet Protocol 3838
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 7329
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4562
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4353
SC-23 Session Authenticity 8696
SI-01 System And Information Integrity Policy And Procedures 6071
SI-02 Flaw Remediation 10361
SI-03 Malicious Code Protection 10966
SI-04 Information System Monitoring Tools And Techniques 10880
SI-05 Security Alerts And Advisories 6070
SI-06 Security Functionality Verification 10274
SI-07 Software And Information Integrity 9390
SI-08 Spam Protection 4036
SI-09 Information Input Restrictions 4304
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 10202
SI-11 Error Handling 6319
SI-12 Information Output Handling And Retention 5077