11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 7861
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 24787
13-05 Controls catalog SQL export 3246
AC-01 Access Control Policies and Procedures 15165
AC-02 Account Management 8936
AC-03 Access Enforcement 9185
AC-04 Information Flow Enforcement 10004
AC-05 Separation Of Duties 5858
AC-06 Least Privilege 5660
AC-07 Unsuccessful Login Attempts 5394
AC-08 System Use Notification 4617
AC-09 Previous Logon Notification 5293
AC-10 Concurrent Session Control 4354
AC-11 Session Lock 4759
AC-12 Session Termination 4300
AC-13 Supervision And Review -- Access Control 3782
AC-14 Permitted Actions Without Identification Or Authentication 2822
AC-15 Automated Marking 2989
AC-16 Automated Labeling 2789
AC-17 Remote Access 4601
AC-18 Wireless Access Restrictions 4235
AC-19 Access Control For Portable And Mobile Devices 4410
AC-20 Use Of External Information Systems 3293
AT-01 Security Awareness And Training Policy And Procedures 5428
AT-02 Security Awareness 5379
AT-03 Security Training 5050
AT-04 Security Training Records 3654
AT-05 Contacts With Security Groups And Associations 2712
AU-01 Audit And Accountability Policy And Procedures 5230
AU-02 Auditable Events 7172
AU-03 Content Of Audit Records 4284
AU-04 Audit Storage Capacity 3889
AU-05 Response To Audit Processing Failures 4646
AU-06 Audit Monitoring, Analysis, And Reporting 9595
AU-07 Audit Reduction And Report Generation 5078
AU-08 Time Stamps 3649
AU-09 Protection Of Audit Information 4700
AU-10 Non-Repudiation 5988
AU-11 Audit Record Retention 5721
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5049
CA-02 Security Assessments 5760
CA-03 Information System Connections 3654
CA-04 Security Certification 4628
CA-05 Plan Of Action And Milestones 3725
CA-06 Security Accreditation 3923
CA-07 Continuous Monitoring 5482
CM-01 Configuration Management Policy And Procedures 5567
CM-02 Baseline Configuration 6234
CM-03 Configuration Change Control 5591
CM-04 Monitoring Configuration Changes 3902
CM-05 Access Restrictions For Change 4482
CM-06 Configuration Settings 4405
CM-07 Least Functionality 6326
CM-08 Information System Component Inventory 4491
CP-01 Contingency Planning Policy And Procedures 3815
CP-02 Contingency Plan 3504
CP-03 Contingency Training 3316
CP-04 Contingency Plan Testing And Exercises 5053
CP-05 Contingency Plan Update 3175
CP-06 Alternate Storage Site 3406
CP-07 Alternate Processing Site 4165
CP-08 Telecommunications Services 2362
CP-09 Information System Backup 4531
CP-10 Information System Recovery And Reconstitution 4237
IA-01 Identification And Authentication Policy And Procedures 5411
IA-02 User Identification And Authentication 7556
IA-03 Device Identification And Authentication 6280
IA-04 Identifier Management 4403
IA-05 Authenticator Management 5468
IA-06 Authenticator Feedback 3731
IA-07 Cryptographic Module Authentication 5724
IR-01 Incident Response Policy And Procedures 3880
IR-02 Incident Response Training 3699
IR-03 Incident Response Testing And Exercises 5591
IR-04 Incident Handling 6207
IR-05 Incident Monitoring 3706
IR-06 Incident Reporting 3890
IR-07 Incident Response Assistance 3738
MA-01 System Maintenance Policy And Procedures 3736
MA-02 Controlled Maintenance 3911
MA-03 Maintenance Tools 3663
MA-04 Remote Maintenance 3765
MA-05 Maintenance Personnel 3159
MA-06 Timely Maintenance 3468
MP-01 Media Protection Policy And Procedures 4102
MP-02 Media Access 3742
MP-03 Media Labeling 2751
MP-04 Media Storage 2876
MP-05 Media Transport 2758
MP-06 Media Sanitization And Disposal 2944
PE-01 Physical And Environmental Protection Policy And Procedures 3462
PE-02 Physical Access Authorizations 3152
PE-03 Physical Access Control 3702
PE-04 Access Control For Transmission Medium 2681
PE-05 Access Control For Display Medium 2902
PE-06 Monitoring Physical Access 3522
PE-07 Visitor Control 2326
PE-08 Access Records 2239
PE-09 Power Equipment And Power Cabling 2959
PE-10 Emergency Shutoff 2865
PE-11 Emergency Power 2786
PE-12 Emergency Lighting 2709
PE-13 Fire Protection 2858
PE-14 Temperature And Humidity Controls 2869
PE-15 Water Damage Protection 2805
PE-16 Delivery And Removal 2759
PE-17 Alternate Work Site 2295
PE-18 Location Of Information System Components 2430
PE-19 Information Leakage 2684
PL-01 Security Planning Policy And Procedures 5237
PL-02 System Security Plan 3463
PL-03 System Security Plan Update 2200
PL-04 Rules Of Behavior 4052
PL-05 Privacy Impact Assessment 2551
PL-06 Security-Related Activity Planning 2323
PS-01 Personnel Security Policy And Procedures 3485
PS-02 Position Categorization 2569
PS-03 Personnel Screening 2387
PS-04 Personnel Termination 2361
PS-05 Personnel Transfer 2318
PS-06 Access Agreements 3633
PS-07 Third-Party Personnel Security 3243
PS-08 Personnel Sanctions 2428
RA-01 Risk Assessment Policy And Procedures 3836
RA-02 Security Categorization 5388
RA-03 Risk Assessment 4905
RA-04 Risk Assessment Update 3794
RA-05 Vulnerability Scanning 4913
SA-01 System And Services Acquisition Policy And Procedures 4337
SA-02 Allocation Of Resources 4042
SA-03 Life Cycle Support 4251
SA-04 Acquisitions 4073
SA-05 Information System Documentation 6951
SA-06 Software Usage Restrictions 3526
SA-07 User Installed Software 3213
SA-08 Security Engineering Principles 7042
SA-09 External Information System Services 3972
SA-10 Developer Configuration Management 3516
SA-11 Developer Security Testing 3601
SC-01 System And Communications Protection Policy And Procedures 4100
SC-02 Application Partitioning 4130
SC-03 Security Function Isolation 5166
SC-04 Information Remnance 6472
SC-05 Denial Of Service Protection 4959
SC-06 Resource Priority 3543
SC-07 Boundary Protection 6996
SC-08 Transmission Integrity 5764
SC-09 Transmission Confidentiality 5434
SC-10 Network Disconnect 3707
SC-11 Trusted Path 4195
SC-12 Cryptographic Key Establishment And Management 4383
SC-13 Use Of Cryptography 5017
SC-14 Public Access Protections 3385
SC-15 Collaborative Computing 3910
SC-16 Transmission Of Security Parameters 2560
SC-17 Public Key Infrastructure Certificates 2694
SC-18 Mobile Code 5060
SC-19 Voice Over Internet Protocol 2413
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 4449
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 2725
SC-22 Architecture And Provisioning For Name / Address Resolution Service 2669
SC-23 Session Authenticity 5112
SI-01 System And Information Integrity Policy And Procedures 4131
SI-02 Flaw Remediation 6033
SI-03 Malicious Code Protection 6714
SI-04 Information System Monitoring Tools And Techniques 5132
SI-05 Security Alerts And Advisories 3760
SI-06 Security Functionality Verification 5623
SI-07 Software And Information Integrity 6585
SI-08 Spam Protection 2441
SI-09 Information Input Restrictions 2657
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6222
SI-11 Error Handling 3910
SI-12 Information Output Handling And Retention 3083