11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 12134
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 33698
13-05 Controls catalog SQL export 4303
AC-01 Access Control Policies and Procedures 22251
AC-02 Account Management 12326
AC-03 Access Enforcement 14550
AC-04 Information Flow Enforcement 13473
AC-05 Separation Of Duties 8295
AC-06 Least Privilege 7833
AC-07 Unsuccessful Login Attempts 7288
AC-08 System Use Notification 6123
AC-09 Previous Logon Notification 6420
AC-10 Concurrent Session Control 5773
AC-11 Session Lock 6483
AC-12 Session Termination 6018
AC-13 Supervision And Review -- Access Control 4967
AC-14 Permitted Actions Without Identification Or Authentication 4910
AC-15 Automated Marking 3805
AC-16 Automated Labeling 3454
AC-17 Remote Access 6609
AC-18 Wireless Access Restrictions 5757
AC-19 Access Control For Portable And Mobile Devices 5838
AC-20 Use Of External Information Systems 5007
AT-01 Security Awareness And Training Policy And Procedures 7203
AT-02 Security Awareness 6961
AT-03 Security Training 6659
AT-04 Security Training Records 4692
AT-05 Contacts With Security Groups And Associations 3694
AU-01 Audit And Accountability Policy And Procedures 7042
AU-02 Auditable Events 9942
AU-03 Content Of Audit Records 5764
AU-04 Audit Storage Capacity 5139
AU-05 Response To Audit Processing Failures 6160
AU-06 Audit Monitoring, Analysis, And Reporting 12401
AU-07 Audit Reduction And Report Generation 6797
AU-08 Time Stamps 4828
AU-09 Protection Of Audit Information 6165
AU-10 Non-Repudiation 7435
AU-11 Audit Record Retention 6945
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6589
CA-02 Security Assessments 8025
CA-03 Information System Connections 4980
CA-04 Security Certification 5898
CA-05 Plan Of Action And Milestones 4785
CA-06 Security Accreditation 4900
CA-07 Continuous Monitoring 7369
CM-01 Configuration Management Policy And Procedures 7068
CM-02 Baseline Configuration 8210
CM-03 Configuration Change Control 7432
CM-04 Monitoring Configuration Changes 4849
CM-05 Access Restrictions For Change 5752
CM-06 Configuration Settings 5986
CM-07 Least Functionality 8256
CM-08 Information System Component Inventory 5945
CP-01 Contingency Planning Policy And Procedures 5158
CP-02 Contingency Plan 4676
CP-03 Contingency Training 4239
CP-04 Contingency Plan Testing And Exercises 6687
CP-05 Contingency Plan Update 3949
CP-06 Alternate Storage Site 4409
CP-07 Alternate Processing Site 5376
CP-08 Telecommunications Services 3050
CP-09 Information System Backup 6303
CP-10 Information System Recovery And Reconstitution 5679
IA-01 Identification And Authentication Policy And Procedures 7077
IA-02 User Identification And Authentication 10500
IA-03 Device Identification And Authentication 8279
IA-04 Identifier Management 5745
IA-05 Authenticator Management 7303
IA-06 Authenticator Feedback 4867
IA-07 Cryptographic Module Authentication 7684
IR-01 Incident Response Policy And Procedures 5234
IR-02 Incident Response Training 4741
IR-03 Incident Response Testing And Exercises 6785
IR-04 Incident Handling 8058
IR-05 Incident Monitoring 4733
IR-06 Incident Reporting 4927
IR-07 Incident Response Assistance 4801
MA-01 System Maintenance Policy And Procedures 5066
MA-02 Controlled Maintenance 5082
MA-03 Maintenance Tools 4683
MA-04 Remote Maintenance 4867
MA-05 Maintenance Personnel 3969
MA-06 Timely Maintenance 4280
MP-01 Media Protection Policy And Procedures 5248
MP-02 Media Access 4902
MP-03 Media Labeling 3574
MP-04 Media Storage 3818
MP-05 Media Transport 3684
MP-06 Media Sanitization And Disposal 3973
PE-01 Physical And Environmental Protection Policy And Procedures 4514
PE-02 Physical Access Authorizations 4043
PE-03 Physical Access Control 5075
PE-04 Access Control For Transmission Medium 3679
PE-05 Access Control For Display Medium 3614
PE-06 Monitoring Physical Access 4606
PE-07 Visitor Control 3067
PE-08 Access Records 2851
PE-09 Power Equipment And Power Cabling 3758
PE-10 Emergency Shutoff 3645
PE-11 Emergency Power 3442
PE-12 Emergency Lighting 3381
PE-13 Fire Protection 3597
PE-14 Temperature And Humidity Controls 3586
PE-15 Water Damage Protection 3540
PE-16 Delivery And Removal 3424
PE-17 Alternate Work Site 2995
PE-18 Location Of Information System Components 3064
PE-19 Information Leakage 3537
PL-01 Security Planning Policy And Procedures 6868
PL-02 System Security Plan 4484
PL-03 System Security Plan Update 2781
PL-04 Rules Of Behavior 5360
PL-05 Privacy Impact Assessment 3833
PL-06 Security-Related Activity Planning 3025
PS-01 Personnel Security Policy And Procedures 4516
PS-02 Position Categorization 3224
PS-03 Personnel Screening 3106
PS-04 Personnel Termination 2917
PS-05 Personnel Transfer 2843
PS-06 Access Agreements 4615
PS-07 Third-Party Personnel Security 4451
PS-08 Personnel Sanctions 3290
RA-01 Risk Assessment Policy And Procedures 5069
RA-02 Security Categorization 6643
RA-03 Risk Assessment 6583
RA-04 Risk Assessment Update 4652
RA-05 Vulnerability Scanning 6911
SA-01 System And Services Acquisition Policy And Procedures 5836
SA-02 Allocation Of Resources 5041
SA-03 Life Cycle Support 5578
SA-04 Acquisitions 5355
SA-05 Information System Documentation 8975
SA-06 Software Usage Restrictions 4606
SA-07 User Installed Software 4145
SA-08 Security Engineering Principles 8626
SA-09 External Information System Services 5365
SA-10 Developer Configuration Management 4614
SA-11 Developer Security Testing 4677
SC-01 System And Communications Protection Policy And Procedures 5441
SC-02 Application Partitioning 5548
SC-03 Security Function Isolation 6867
SC-04 Information Remnance 7968
SC-05 Denial Of Service Protection 6572
SC-06 Resource Priority 4417
SC-07 Boundary Protection 10255
SC-08 Transmission Integrity 7655
SC-09 Transmission Confidentiality 7364
SC-10 Network Disconnect 4696
SC-11 Trusted Path 5527
SC-12 Cryptographic Key Establishment And Management 5957
SC-13 Use Of Cryptography 6678
SC-14 Public Access Protections 4261
SC-15 Collaborative Computing 5219
SC-16 Transmission Of Security Parameters 3385
SC-17 Public Key Infrastructure Certificates 3541
SC-18 Mobile Code 6647
SC-19 Voice Over Internet Protocol 3161
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5967
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3608
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3498
SC-23 Session Authenticity 6928
SI-01 System And Information Integrity Policy And Procedures 5103
SI-02 Flaw Remediation 8297
SI-03 Malicious Code Protection 8873
SI-04 Information System Monitoring Tools And Techniques 7859
SI-05 Security Alerts And Advisories 4878
SI-06 Security Functionality Verification 8660
SI-07 Software And Information Integrity 7961
SI-08 Spam Protection 3228
SI-09 Information Input Restrictions 3470
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8888
SI-11 Error Handling 5164
SI-12 Information Output Handling And Retention 4104