11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 15708
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 41973
13-05 Controls catalog SQL export 5414
AC-01 Access Control Policies and Procedures 27248
AC-02 Account Management 15514
AC-03 Access Enforcement 18231
AC-04 Information Flow Enforcement 17034
AC-05 Separation Of Duties 10299
AC-06 Least Privilege 10072
AC-07 Unsuccessful Login Attempts 9352
AC-08 System Use Notification 7743
AC-09 Previous Logon Notification 7788
AC-10 Concurrent Session Control 7385
AC-11 Session Lock 8390
AC-12 Session Termination 7906
AC-13 Supervision And Review -- Access Control 6128
AC-14 Permitted Actions Without Identification Or Authentication 5945
AC-15 Automated Marking 4838
AC-16 Automated Labeling 4291
AC-17 Remote Access 8635
AC-18 Wireless Access Restrictions 7632
AC-19 Access Control For Portable And Mobile Devices 7520
AC-20 Use Of External Information Systems 6908
AT-01 Security Awareness And Training Policy And Procedures 9246
AT-02 Security Awareness 8712
AT-03 Security Training 8528
AT-04 Security Training Records 5828
AT-05 Contacts With Security Groups And Associations 4698
AU-01 Audit And Accountability Policy And Procedures 9220
AU-02 Auditable Events 12736
AU-03 Content Of Audit Records 7365
AU-04 Audit Storage Capacity 6537
AU-05 Response To Audit Processing Failures 8121
AU-06 Audit Monitoring, Analysis, And Reporting 15399
AU-07 Audit Reduction And Report Generation 8510
AU-08 Time Stamps 6209
AU-09 Protection Of Audit Information 7988
AU-10 Non-Repudiation 8956
AU-11 Audit Record Retention 8317
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 8188
CA-02 Security Assessments 10361
CA-03 Information System Connections 6295
CA-04 Security Certification 7491
CA-05 Plan Of Action And Milestones 6031
CA-06 Security Accreditation 6158
CA-07 Continuous Monitoring 9536
CM-01 Configuration Management Policy And Procedures 8680
CM-02 Baseline Configuration 10211
CM-03 Configuration Change Control 9329
CM-04 Monitoring Configuration Changes 6238
CM-05 Access Restrictions For Change 7350
CM-06 Configuration Settings 7518
CM-07 Least Functionality 10501
CM-08 Information System Component Inventory 7628
CP-01 Contingency Planning Policy And Procedures 6628
CP-02 Contingency Plan 6068
CP-03 Contingency Training 5330
CP-04 Contingency Plan Testing And Exercises 8558
CP-05 Contingency Plan Update 4967
CP-06 Alternate Storage Site 5579
CP-07 Alternate Processing Site 6895
CP-08 Telecommunications Services 3838
CP-09 Information System Backup 8200
CP-10 Information System Recovery And Reconstitution 7394
IA-01 Identification And Authentication Policy And Procedures 9052
IA-02 User Identification And Authentication 13379
IA-03 Device Identification And Authentication 10539
IA-04 Identifier Management 7349
IA-05 Authenticator Management 9219
IA-06 Authenticator Feedback 6242
IA-07 Cryptographic Module Authentication 9699
IR-01 Incident Response Policy And Procedures 6899
IR-02 Incident Response Training 5990
IR-03 Incident Response Testing And Exercises 8221
IR-04 Incident Handling 10483
IR-05 Incident Monitoring 6102
IR-06 Incident Reporting 6230
IR-07 Incident Response Assistance 6083
MA-01 System Maintenance Policy And Procedures 6285
MA-02 Controlled Maintenance 6295
MA-03 Maintenance Tools 6002
MA-04 Remote Maintenance 6379
MA-05 Maintenance Personnel 4998
MA-06 Timely Maintenance 5416
MP-01 Media Protection Policy And Procedures 6469
MP-02 Media Access 6212
MP-03 Media Labeling 4522
MP-04 Media Storage 4756
MP-05 Media Transport 4749
MP-06 Media Sanitization And Disposal 5139
PE-01 Physical And Environmental Protection Policy And Procedures 5729
PE-02 Physical Access Authorizations 5180
PE-03 Physical Access Control 6612
PE-04 Access Control For Transmission Medium 4824
PE-05 Access Control For Display Medium 4585
PE-06 Monitoring Physical Access 5874
PE-07 Visitor Control 3943
PE-08 Access Records 3636
PE-09 Power Equipment And Power Cabling 4764
PE-10 Emergency Shutoff 4603
PE-11 Emergency Power 4358
PE-12 Emergency Lighting 4298
PE-13 Fire Protection 4520
PE-14 Temperature And Humidity Controls 4487
PE-15 Water Damage Protection 4466
PE-16 Delivery And Removal 4358
PE-17 Alternate Work Site 3794
PE-18 Location Of Information System Components 3854
PE-19 Information Leakage 4442
PL-01 Security Planning Policy And Procedures 8516
PL-02 System Security Plan 5727
PL-03 System Security Plan Update 3429
PL-04 Rules Of Behavior 6770
PL-05 Privacy Impact Assessment 4627
PL-06 Security-Related Activity Planning 3825
PS-01 Personnel Security Policy And Procedures 5730
PS-02 Position Categorization 4119
PS-03 Personnel Screening 3996
PS-04 Personnel Termination 3620
PS-05 Personnel Transfer 3521
PS-06 Access Agreements 5850
PS-07 Third-Party Personnel Security 5644
PS-08 Personnel Sanctions 4338
RA-01 Risk Assessment Policy And Procedures 6432
RA-02 Security Categorization 8108
RA-03 Risk Assessment 8634
RA-04 Risk Assessment Update 5790
RA-05 Vulnerability Scanning 9105
SA-01 System And Services Acquisition Policy And Procedures 7357
SA-02 Allocation Of Resources 6258
SA-03 Life Cycle Support 7134
SA-04 Acquisitions 6771
SA-05 Information System Documentation 11389
SA-06 Software Usage Restrictions 5811
SA-07 User Installed Software 5410
SA-08 Security Engineering Principles 10400
SA-09 External Information System Services 7083
SA-10 Developer Configuration Management 5932
SA-11 Developer Security Testing 5788
SC-01 System And Communications Protection Policy And Procedures 6922
SC-02 Application Partitioning 7176
SC-03 Security Function Isolation 8744
SC-04 Information Remnance 9594
SC-05 Denial Of Service Protection 8376
SC-06 Resource Priority 5593
SC-07 Boundary Protection 13471
SC-08 Transmission Integrity 9660
SC-09 Transmission Confidentiality 9396
SC-10 Network Disconnect 6069
SC-11 Trusted Path 7087
SC-12 Cryptographic Key Establishment And Management 7781
SC-13 Use Of Cryptography 8529
SC-14 Public Access Protections 5284
SC-15 Collaborative Computing 6594
SC-16 Transmission Of Security Parameters 4182
SC-17 Public Key Infrastructure Certificates 4497
SC-18 Mobile Code 8319
SC-19 Voice Over Internet Protocol 3923
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 7525
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 4674
SC-22 Architecture And Provisioning For Name / Address Resolution Service 4472
SC-23 Session Authenticity 8992
SI-01 System And Information Integrity Policy And Procedures 6232
SI-02 Flaw Remediation 10648
SI-03 Malicious Code Protection 11319
SI-04 Information System Monitoring Tools And Techniques 11346
SI-05 Security Alerts And Advisories 6258
SI-06 Security Functionality Verification 10495
SI-07 Software And Information Integrity 9608
SI-08 Spam Protection 4147
SI-09 Information Input Restrictions 4410
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 10387
SI-11 Error Handling 6472
SI-12 Information Output Handling And Retention 5212