11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 9033
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 26897
13-05 Controls catalog SQL export 3498
AC-01 Access Control Policies and Procedures 17518
AC-02 Account Management 9757
AC-03 Access Enforcement 10008
AC-04 Information Flow Enforcement 10806
AC-05 Separation Of Duties 6324
AC-06 Least Privilege 6142
AC-07 Unsuccessful Login Attempts 5825
AC-08 System Use Notification 4929
AC-09 Previous Logon Notification 5524
AC-10 Concurrent Session Control 4688
AC-11 Session Lock 5148
AC-12 Session Termination 4677
AC-13 Supervision And Review -- Access Control 4047
AC-14 Permitted Actions Without Identification Or Authentication 3017
AC-15 Automated Marking 3171
AC-16 Automated Labeling 2940
AC-17 Remote Access 5012
AC-18 Wireless Access Restrictions 4580
AC-19 Access Control For Portable And Mobile Devices 4744
AC-20 Use Of External Information Systems 3632
AT-01 Security Awareness And Training Policy And Procedures 5815
AT-02 Security Awareness 5736
AT-03 Security Training 5396
AT-04 Security Training Records 3923
AT-05 Contacts With Security Groups And Associations 2905
AU-01 Audit And Accountability Policy And Procedures 5642
AU-02 Auditable Events 7834
AU-03 Content Of Audit Records 4592
AU-04 Audit Storage Capacity 4178
AU-05 Response To Audit Processing Failures 4932
AU-06 Audit Monitoring, Analysis, And Reporting 10235
AU-07 Audit Reduction And Report Generation 5441
AU-08 Time Stamps 3925
AU-09 Protection Of Audit Information 5013
AU-10 Non-Repudiation 6347
AU-11 Audit Record Retention 6020
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5433
CA-02 Security Assessments 6227
CA-03 Information System Connections 3927
CA-04 Security Certification 4933
CA-05 Plan Of Action And Milestones 3956
CA-06 Security Accreditation 4150
CA-07 Continuous Monitoring 5961
CM-01 Configuration Management Policy And Procedures 5914
CM-02 Baseline Configuration 6662
CM-03 Configuration Change Control 6038
CM-04 Monitoring Configuration Changes 4126
CM-05 Access Restrictions For Change 4822
CM-06 Configuration Settings 4810
CM-07 Least Functionality 6730
CM-08 Information System Component Inventory 4788
CP-01 Contingency Planning Policy And Procedures 4117
CP-02 Contingency Plan 3791
CP-03 Contingency Training 3551
CP-04 Contingency Plan Testing And Exercises 5467
CP-05 Contingency Plan Update 3356
CP-06 Alternate Storage Site 3635
CP-07 Alternate Processing Site 4447
CP-08 Telecommunications Services 2515
CP-09 Information System Backup 4918
CP-10 Information System Recovery And Reconstitution 4593
IA-01 Identification And Authentication Policy And Procedures 5741
IA-02 User Identification And Authentication 8204
IA-03 Device Identification And Authentication 6717
IA-04 Identifier Management 4714
IA-05 Authenticator Management 5950
IA-06 Authenticator Feedback 4009
IA-07 Cryptographic Module Authentication 6162
IR-01 Incident Response Policy And Procedures 4166
IR-02 Incident Response Training 3949
IR-03 Incident Response Testing And Exercises 5875
IR-04 Incident Handling 6661
IR-05 Incident Monitoring 3942
IR-06 Incident Reporting 4156
IR-07 Incident Response Assistance 4009
MA-01 System Maintenance Policy And Procedures 4041
MA-02 Controlled Maintenance 4207
MA-03 Maintenance Tools 3916
MA-04 Remote Maintenance 3999
MA-05 Maintenance Personnel 3350
MA-06 Timely Maintenance 3664
MP-01 Media Protection Policy And Procedures 4386
MP-02 Media Access 4056
MP-03 Media Labeling 2947
MP-04 Media Storage 3161
MP-05 Media Transport 3005
MP-06 Media Sanitization And Disposal 3199
PE-01 Physical And Environmental Protection Policy And Procedures 3720
PE-02 Physical Access Authorizations 3373
PE-03 Physical Access Control 4021
PE-04 Access Control For Transmission Medium 2916
PE-05 Access Control For Display Medium 3068
PE-06 Monitoring Physical Access 3786
PE-07 Visitor Control 2515
PE-08 Access Records 2384
PE-09 Power Equipment And Power Cabling 3167
PE-10 Emergency Shutoff 3027
PE-11 Emergency Power 2954
PE-12 Emergency Lighting 2885
PE-13 Fire Protection 3033
PE-14 Temperature And Humidity Controls 3053
PE-15 Water Damage Protection 2993
PE-16 Delivery And Removal 2933
PE-17 Alternate Work Site 2478
PE-18 Location Of Information System Components 2597
PE-19 Information Leakage 2878
PL-01 Security Planning Policy And Procedures 5639
PL-02 System Security Plan 3718
PL-03 System Security Plan Update 2354
PL-04 Rules Of Behavior 4543
PL-05 Privacy Impact Assessment 2728
PL-06 Security-Related Activity Planning 2525
PS-01 Personnel Security Policy And Procedures 3724
PS-02 Position Categorization 2719
PS-03 Personnel Screening 2557
PS-04 Personnel Termination 2501
PS-05 Personnel Transfer 2461
PS-06 Access Agreements 3870
PS-07 Third-Party Personnel Security 3517
PS-08 Personnel Sanctions 2622
RA-01 Risk Assessment Policy And Procedures 4104
RA-02 Security Categorization 5682
RA-03 Risk Assessment 5268
RA-04 Risk Assessment Update 3990
RA-05 Vulnerability Scanning 5364
SA-01 System And Services Acquisition Policy And Procedures 4670
SA-02 Allocation Of Resources 4301
SA-03 Life Cycle Support 4541
SA-04 Acquisitions 4389
SA-05 Information System Documentation 7413
SA-06 Software Usage Restrictions 3773
SA-07 User Installed Software 3431
SA-08 Security Engineering Principles 7431
SA-09 External Information System Services 4255
SA-10 Developer Configuration Management 3746
SA-11 Developer Security Testing 3847
SC-01 System And Communications Protection Policy And Procedures 4405
SC-02 Application Partitioning 4444
SC-03 Security Function Isolation 5540
SC-04 Information Remnance 6806
SC-05 Denial Of Service Protection 5322
SC-06 Resource Priority 3754
SC-07 Boundary Protection 7682
SC-08 Transmission Integrity 6199
SC-09 Transmission Confidentiality 5848
SC-10 Network Disconnect 3962
SC-11 Trusted Path 4510
SC-12 Cryptographic Key Establishment And Management 4733
SC-13 Use Of Cryptography 5385
SC-14 Public Access Protections 3597
SC-15 Collaborative Computing 4292
SC-16 Transmission Of Security Parameters 2735
SC-17 Public Key Infrastructure Certificates 2896
SC-18 Mobile Code 5429
SC-19 Voice Over Internet Protocol 2595
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 4849
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 2954
SC-22 Architecture And Provisioning For Name / Address Resolution Service 2883
SC-23 Session Authenticity 5493
SI-01 System And Information Integrity Policy And Procedures 4360
SI-02 Flaw Remediation 6535
SI-03 Malicious Code Protection 7166
SI-04 Information System Monitoring Tools And Techniques 5686
SI-05 Security Alerts And Advisories 4015
SI-06 Security Functionality Verification 5967
SI-07 Software And Information Integrity 6920
SI-08 Spam Protection 2619
SI-09 Information Input Restrictions 2847
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6588
SI-11 Error Handling 4192
SI-12 Information Output Handling And Retention 3330