11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 9375
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 27582
13-05 Controls catalog SQL export 3592
AC-01 Access Control Policies and Procedures 18291
AC-02 Account Management 10035
AC-03 Access Enforcement 10248
AC-04 Information Flow Enforcement 11081
AC-05 Separation Of Duties 6462
AC-06 Least Privilege 6282
AC-07 Unsuccessful Login Attempts 5978
AC-08 System Use Notification 5032
AC-09 Previous Logon Notification 5604
AC-10 Concurrent Session Control 4799
AC-11 Session Lock 5253
AC-12 Session Termination 4792
AC-13 Supervision And Review -- Access Control 4134
AC-14 Permitted Actions Without Identification Or Authentication 3073
AC-15 Automated Marking 3247
AC-16 Automated Labeling 2997
AC-17 Remote Access 5136
AC-18 Wireless Access Restrictions 4691
AC-19 Access Control For Portable And Mobile Devices 4836
AC-20 Use Of External Information Systems 3742
AT-01 Security Awareness And Training Policy And Procedures 5920
AT-02 Security Awareness 5881
AT-03 Security Training 5504
AT-04 Security Training Records 4005
AT-05 Contacts With Security Groups And Associations 2982
AU-01 Audit And Accountability Policy And Procedures 5747
AU-02 Auditable Events 8019
AU-03 Content Of Audit Records 4685
AU-04 Audit Storage Capacity 4265
AU-05 Response To Audit Processing Failures 5030
AU-06 Audit Monitoring, Analysis, And Reporting 10463
AU-07 Audit Reduction And Report Generation 5564
AU-08 Time Stamps 4026
AU-09 Protection Of Audit Information 5123
AU-10 Non-Repudiation 6448
AU-11 Audit Record Retention 6120
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5539
CA-02 Security Assessments 6384
CA-03 Information System Connections 4023
CA-04 Security Certification 5024
CA-05 Plan Of Action And Milestones 4031
CA-06 Security Accreditation 4232
CA-07 Continuous Monitoring 6109
CM-01 Configuration Management Policy And Procedures 6022
CM-02 Baseline Configuration 6784
CM-03 Configuration Change Control 6209
CM-04 Monitoring Configuration Changes 4197
CM-05 Access Restrictions For Change 4924
CM-06 Configuration Settings 4928
CM-07 Least Functionality 6860
CM-08 Information System Component Inventory 4883
CP-01 Contingency Planning Policy And Procedures 4186
CP-02 Contingency Plan 3869
CP-03 Contingency Training 3613
CP-04 Contingency Plan Testing And Exercises 5575
CP-05 Contingency Plan Update 3416
CP-06 Alternate Storage Site 3697
CP-07 Alternate Processing Site 4538
CP-08 Telecommunications Services 2560
CP-09 Information System Backup 5044
CP-10 Information System Recovery And Reconstitution 4707
IA-01 Identification And Authentication Policy And Procedures 5852
IA-02 User Identification And Authentication 8435
IA-03 Device Identification And Authentication 6863
IA-04 Identifier Management 4834
IA-05 Authenticator Management 6105
IA-06 Authenticator Feedback 4100
IA-07 Cryptographic Module Authentication 6326
IR-01 Incident Response Policy And Procedures 4252
IR-02 Incident Response Training 4031
IR-03 Incident Response Testing And Exercises 5954
IR-04 Incident Handling 6825
IR-05 Incident Monitoring 4022
IR-06 Incident Reporting 4235
IR-07 Incident Response Assistance 4090
MA-01 System Maintenance Policy And Procedures 4164
MA-02 Controlled Maintenance 4292
MA-03 Maintenance Tools 3989
MA-04 Remote Maintenance 4077
MA-05 Maintenance Personnel 3418
MA-06 Timely Maintenance 3722
MP-01 Media Protection Policy And Procedures 4461
MP-02 Media Access 4139
MP-03 Media Labeling 3017
MP-04 Media Storage 3228
MP-05 Media Transport 3077
MP-06 Media Sanitization And Disposal 3269
PE-01 Physical And Environmental Protection Policy And Procedures 3809
PE-02 Physical Access Authorizations 3444
PE-03 Physical Access Control 4132
PE-04 Access Control For Transmission Medium 2993
PE-05 Access Control For Display Medium 3124
PE-06 Monitoring Physical Access 3875
PE-07 Visitor Control 2574
PE-08 Access Records 2425
PE-09 Power Equipment And Power Cabling 3223
PE-10 Emergency Shutoff 3088
PE-11 Emergency Power 3012
PE-12 Emergency Lighting 2934
PE-13 Fire Protection 3100
PE-14 Temperature And Humidity Controls 3115
PE-15 Water Damage Protection 3049
PE-16 Delivery And Removal 2982
PE-17 Alternate Work Site 2531
PE-18 Location Of Information System Components 2640
PE-19 Information Leakage 2933
PL-01 Security Planning Policy And Procedures 5752
PL-02 System Security Plan 3785
PL-03 System Security Plan Update 2402
PL-04 Rules Of Behavior 4633
PL-05 Privacy Impact Assessment 2790
PL-06 Security-Related Activity Planning 2576
PS-01 Personnel Security Policy And Procedures 3788
PS-02 Position Categorization 2783
PS-03 Personnel Screening 2607
PS-04 Personnel Termination 2544
PS-05 Personnel Transfer 2495
PS-06 Access Agreements 3955
PS-07 Third-Party Personnel Security 3607
PS-08 Personnel Sanctions 2671
RA-01 Risk Assessment Policy And Procedures 4181
RA-02 Security Categorization 5772
RA-03 Risk Assessment 5388
RA-04 Risk Assessment Update 4058
RA-05 Vulnerability Scanning 5498
SA-01 System And Services Acquisition Policy And Procedures 4778
SA-02 Allocation Of Resources 4374
SA-03 Life Cycle Support 4649
SA-04 Acquisitions 4501
SA-05 Information System Documentation 7569
SA-06 Software Usage Restrictions 3845
SA-07 User Installed Software 3519
SA-08 Security Engineering Principles 7550
SA-09 External Information System Services 4350
SA-10 Developer Configuration Management 3831
SA-11 Developer Security Testing 3920
SC-01 System And Communications Protection Policy And Procedures 4490
SC-02 Application Partitioning 4563
SC-03 Security Function Isolation 5671
SC-04 Information Remnance 6923
SC-05 Denial Of Service Protection 5430
SC-06 Resource Priority 3826
SC-07 Boundary Protection 7909
SC-08 Transmission Integrity 6320
SC-09 Transmission Confidentiality 5990
SC-10 Network Disconnect 4037
SC-11 Trusted Path 4603
SC-12 Cryptographic Key Establishment And Management 4852
SC-13 Use Of Cryptography 5511
SC-14 Public Access Protections 3658
SC-15 Collaborative Computing 4378
SC-16 Transmission Of Security Parameters 2807
SC-17 Public Key Infrastructure Certificates 2969
SC-18 Mobile Code 5562
SC-19 Voice Over Internet Protocol 2652
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 4947
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3020
SC-22 Architecture And Provisioning For Name / Address Resolution Service 2948
SC-23 Session Authenticity 5622
SI-01 System And Information Integrity Policy And Procedures 4414
SI-02 Flaw Remediation 6716
SI-03 Malicious Code Protection 7332
SI-04 Information System Monitoring Tools And Techniques 5858
SI-05 Security Alerts And Advisories 4095
SI-06 Security Functionality Verification 6083
SI-07 Software And Information Integrity 7035
SI-08 Spam Protection 2688
SI-09 Information Input Restrictions 2919
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6696
SI-11 Error Handling 4296
SI-12 Information Output Handling And Retention 3398