11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 7835
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 24696
13-05 Controls catalog SQL export 3238
AC-01 Access Control Policies and Procedures 15130
AC-02 Account Management 8919
AC-03 Access Enforcement 9159
AC-04 Information Flow Enforcement 9978
AC-05 Separation Of Duties 5846
AC-06 Least Privilege 5643
AC-07 Unsuccessful Login Attempts 5383
AC-08 System Use Notification 4604
AC-09 Previous Logon Notification 5286
AC-10 Concurrent Session Control 4342
AC-11 Session Lock 4751
AC-12 Session Termination 4290
AC-13 Supervision And Review -- Access Control 3774
AC-14 Permitted Actions Without Identification Or Authentication 2815
AC-15 Automated Marking 2982
AC-16 Automated Labeling 2782
AC-17 Remote Access 4588
AC-18 Wireless Access Restrictions 4226
AC-19 Access Control For Portable And Mobile Devices 4397
AC-20 Use Of External Information Systems 3284
AT-01 Security Awareness And Training Policy And Procedures 5419
AT-02 Security Awareness 5366
AT-03 Security Training 5041
AT-04 Security Training Records 3648
AT-05 Contacts With Security Groups And Associations 2706
AU-01 Audit And Accountability Policy And Procedures 5212
AU-02 Auditable Events 7152
AU-03 Content Of Audit Records 4277
AU-04 Audit Storage Capacity 3878
AU-05 Response To Audit Processing Failures 4642
AU-06 Audit Monitoring, Analysis, And Reporting 9567
AU-07 Audit Reduction And Report Generation 5068
AU-08 Time Stamps 3640
AU-09 Protection Of Audit Information 4689
AU-10 Non-Repudiation 5978
AU-11 Audit Record Retention 5715
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5039
CA-02 Security Assessments 5741
CA-03 Information System Connections 3646
CA-04 Security Certification 4619
CA-05 Plan Of Action And Milestones 3718
CA-06 Security Accreditation 3917
CA-07 Continuous Monitoring 5468
CM-01 Configuration Management Policy And Procedures 5560
CM-02 Baseline Configuration 6225
CM-03 Configuration Change Control 5582
CM-04 Monitoring Configuration Changes 3898
CM-05 Access Restrictions For Change 4472
CM-06 Configuration Settings 4389
CM-07 Least Functionality 6307
CM-08 Information System Component Inventory 4486
CP-01 Contingency Planning Policy And Procedures 3811
CP-02 Contingency Plan 3501
CP-03 Contingency Training 3315
CP-04 Contingency Plan Testing And Exercises 5037
CP-05 Contingency Plan Update 3171
CP-06 Alternate Storage Site 3400
CP-07 Alternate Processing Site 4153
CP-08 Telecommunications Services 2357
CP-09 Information System Backup 4523
CP-10 Information System Recovery And Reconstitution 4226
IA-01 Identification And Authentication Policy And Procedures 5402
IA-02 User Identification And Authentication 7538
IA-03 Device Identification And Authentication 6269
IA-04 Identifier Management 4389
IA-05 Authenticator Management 5460
IA-06 Authenticator Feedback 3722
IA-07 Cryptographic Module Authentication 5710
IR-01 Incident Response Policy And Procedures 3867
IR-02 Incident Response Training 3694
IR-03 Incident Response Testing And Exercises 5586
IR-04 Incident Handling 6199
IR-05 Incident Monitoring 3701
IR-06 Incident Reporting 3885
IR-07 Incident Response Assistance 3736
MA-01 System Maintenance Policy And Procedures 3734
MA-02 Controlled Maintenance 3905
MA-03 Maintenance Tools 3660
MA-04 Remote Maintenance 3758
MA-05 Maintenance Personnel 3150
MA-06 Timely Maintenance 3465
MP-01 Media Protection Policy And Procedures 4094
MP-02 Media Access 3736
MP-03 Media Labeling 2744
MP-04 Media Storage 2871
MP-05 Media Transport 2755
MP-06 Media Sanitization And Disposal 2934
PE-01 Physical And Environmental Protection Policy And Procedures 3456
PE-02 Physical Access Authorizations 3144
PE-03 Physical Access Control 3693
PE-04 Access Control For Transmission Medium 2676
PE-05 Access Control For Display Medium 2899
PE-06 Monitoring Physical Access 3515
PE-07 Visitor Control 2320
PE-08 Access Records 2235
PE-09 Power Equipment And Power Cabling 2957
PE-10 Emergency Shutoff 2862
PE-11 Emergency Power 2783
PE-12 Emergency Lighting 2707
PE-13 Fire Protection 2852
PE-14 Temperature And Humidity Controls 2859
PE-15 Water Damage Protection 2805
PE-16 Delivery And Removal 2757
PE-17 Alternate Work Site 2293
PE-18 Location Of Information System Components 2426
PE-19 Information Leakage 2679
PL-01 Security Planning Policy And Procedures 5228
PL-02 System Security Plan 3457
PL-03 System Security Plan Update 2196
PL-04 Rules Of Behavior 3991
PL-05 Privacy Impact Assessment 2542
PL-06 Security-Related Activity Planning 2319
PS-01 Personnel Security Policy And Procedures 3479
PS-02 Position Categorization 2563
PS-03 Personnel Screening 2377
PS-04 Personnel Termination 2355
PS-05 Personnel Transfer 2316
PS-06 Access Agreements 3625
PS-07 Third-Party Personnel Security 3232
PS-08 Personnel Sanctions 2424
RA-01 Risk Assessment Policy And Procedures 3832
RA-02 Security Categorization 5378
RA-03 Risk Assessment 4899
RA-04 Risk Assessment Update 3789
RA-05 Vulnerability Scanning 4901
SA-01 System And Services Acquisition Policy And Procedures 4331
SA-02 Allocation Of Resources 4037
SA-03 Life Cycle Support 4239
SA-04 Acquisitions 4060
SA-05 Information System Documentation 6937
SA-06 Software Usage Restrictions 3517
SA-07 User Installed Software 3205
SA-08 Security Engineering Principles 7018
SA-09 External Information System Services 3957
SA-10 Developer Configuration Management 3512
SA-11 Developer Security Testing 3592
SC-01 System And Communications Protection Policy And Procedures 4095
SC-02 Application Partitioning 4123
SC-03 Security Function Isolation 5156
SC-04 Information Remnance 6467
SC-05 Denial Of Service Protection 4954
SC-06 Resource Priority 3541
SC-07 Boundary Protection 6978
SC-08 Transmission Integrity 5753
SC-09 Transmission Confidentiality 5417
SC-10 Network Disconnect 3703
SC-11 Trusted Path 4190
SC-12 Cryptographic Key Establishment And Management 4374
SC-13 Use Of Cryptography 5005
SC-14 Public Access Protections 3377
SC-15 Collaborative Computing 3904
SC-16 Transmission Of Security Parameters 2554
SC-17 Public Key Infrastructure Certificates 2692
SC-18 Mobile Code 5049
SC-19 Voice Over Internet Protocol 2411
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 4440
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 2719
SC-22 Architecture And Provisioning For Name / Address Resolution Service 2661
SC-23 Session Authenticity 5096
SI-01 System And Information Integrity Policy And Procedures 4124
SI-02 Flaw Remediation 6021
SI-03 Malicious Code Protection 6704
SI-04 Information System Monitoring Tools And Techniques 5121
SI-05 Security Alerts And Advisories 3753
SI-06 Security Functionality Verification 5613
SI-07 Software And Information Integrity 6568
SI-08 Spam Protection 2435
SI-09 Information Input Restrictions 2646
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6209
SI-11 Error Handling 3901
SI-12 Information Output Handling And Retention 3074