11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 11932
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 33213
13-05 Controls catalog SQL export 4253
AC-01 Access Control Policies and Procedures 22016
AC-02 Account Management 12158
AC-03 Access Enforcement 14318
AC-04 Information Flow Enforcement 13261
AC-05 Separation Of Duties 8197
AC-06 Least Privilege 7697
AC-07 Unsuccessful Login Attempts 7197
AC-08 System Use Notification 6044
AC-09 Previous Logon Notification 6363
AC-10 Concurrent Session Control 5698
AC-11 Session Lock 6385
AC-12 Session Termination 5914
AC-13 Supervision And Review -- Access Control 4904
AC-14 Permitted Actions Without Identification Or Authentication 4853
AC-15 Automated Marking 3762
AC-16 Automated Labeling 3420
AC-17 Remote Access 6492
AC-18 Wireless Access Restrictions 5677
AC-19 Access Control For Portable And Mobile Devices 5761
AC-20 Use Of External Information Systems 4882
AT-01 Security Awareness And Training Policy And Procedures 7130
AT-02 Security Awareness 6865
AT-03 Security Training 6578
AT-04 Security Training Records 4635
AT-05 Contacts With Security Groups And Associations 3643
AU-01 Audit And Accountability Policy And Procedures 6928
AU-02 Auditable Events 9796
AU-03 Content Of Audit Records 5677
AU-04 Audit Storage Capacity 5060
AU-05 Response To Audit Processing Failures 6063
AU-06 Audit Monitoring, Analysis, And Reporting 12254
AU-07 Audit Reduction And Report Generation 6689
AU-08 Time Stamps 4773
AU-09 Protection Of Audit Information 6090
AU-10 Non-Repudiation 7358
AU-11 Audit Record Retention 6881
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6507
CA-02 Security Assessments 7920
CA-03 Information System Connections 4910
CA-04 Security Certification 5826
CA-05 Plan Of Action And Milestones 4726
CA-06 Security Accreditation 4853
CA-07 Continuous Monitoring 7272
CM-01 Configuration Management Policy And Procedures 6981
CM-02 Baseline Configuration 8108
CM-03 Configuration Change Control 7343
CM-04 Monitoring Configuration Changes 4795
CM-05 Access Restrictions For Change 5686
CM-06 Configuration Settings 5908
CM-07 Least Functionality 8142
CM-08 Information System Component Inventory 5841
CP-01 Contingency Planning Policy And Procedures 5066
CP-02 Contingency Plan 4614
CP-03 Contingency Training 4178
CP-04 Contingency Plan Testing And Exercises 6584
CP-05 Contingency Plan Update 3906
CP-06 Alternate Storage Site 4341
CP-07 Alternate Processing Site 5311
CP-08 Telecommunications Services 3007
CP-09 Information System Backup 6212
CP-10 Information System Recovery And Reconstitution 5590
IA-01 Identification And Authentication Policy And Procedures 6969
IA-02 User Identification And Authentication 10316
IA-03 Device Identification And Authentication 8167
IA-04 Identifier Management 5667
IA-05 Authenticator Management 7209
IA-06 Authenticator Feedback 4810
IA-07 Cryptographic Module Authentication 7581
IR-01 Incident Response Policy And Procedures 5154
IR-02 Incident Response Training 4692
IR-03 Incident Response Testing And Exercises 6713
IR-04 Incident Handling 7967
IR-05 Incident Monitoring 4681
IR-06 Incident Reporting 4879
IR-07 Incident Response Assistance 4748
MA-01 System Maintenance Policy And Procedures 4994
MA-02 Controlled Maintenance 5011
MA-03 Maintenance Tools 4622
MA-04 Remote Maintenance 4795
MA-05 Maintenance Personnel 3923
MA-06 Timely Maintenance 4225
MP-01 Media Protection Policy And Procedures 5189
MP-02 Media Access 4839
MP-03 Media Labeling 3528
MP-04 Media Storage 3777
MP-05 Media Transport 3639
MP-06 Media Sanitization And Disposal 3913
PE-01 Physical And Environmental Protection Policy And Procedures 4443
PE-02 Physical Access Authorizations 3989
PE-03 Physical Access Control 5023
PE-04 Access Control For Transmission Medium 3611
PE-05 Access Control For Display Medium 3579
PE-06 Monitoring Physical Access 4538
PE-07 Visitor Control 3023
PE-08 Access Records 2815
PE-09 Power Equipment And Power Cabling 3720
PE-10 Emergency Shutoff 3590
PE-11 Emergency Power 3414
PE-12 Emergency Lighting 3343
PE-13 Fire Protection 3563
PE-14 Temperature And Humidity Controls 3546
PE-15 Water Damage Protection 3512
PE-16 Delivery And Removal 3386
PE-17 Alternate Work Site 2960
PE-18 Location Of Information System Components 3027
PE-19 Information Leakage 3489
PL-01 Security Planning Policy And Procedures 6767
PL-02 System Security Plan 4427
PL-03 System Security Plan Update 2746
PL-04 Rules Of Behavior 5313
PL-05 Privacy Impact Assessment 3788
PL-06 Security-Related Activity Planning 2984
PS-01 Personnel Security Policy And Procedures 4455
PS-02 Position Categorization 3189
PS-03 Personnel Screening 3063
PS-04 Personnel Termination 2878
PS-05 Personnel Transfer 2811
PS-06 Access Agreements 4569
PS-07 Third-Party Personnel Security 4380
PS-08 Personnel Sanctions 3236
RA-01 Risk Assessment Policy And Procedures 4989
RA-02 Security Categorization 6586
RA-03 Risk Assessment 6492
RA-04 Risk Assessment Update 4593
RA-05 Vulnerability Scanning 6791
SA-01 System And Services Acquisition Policy And Procedures 5742
SA-02 Allocation Of Resources 4982
SA-03 Life Cycle Support 5512
SA-04 Acquisitions 5283
SA-05 Information System Documentation 8848
SA-06 Software Usage Restrictions 4551
SA-07 User Installed Software 4095
SA-08 Security Engineering Principles 8540
SA-09 External Information System Services 5275
SA-10 Developer Configuration Management 4528
SA-11 Developer Security Testing 4612
SC-01 System And Communications Protection Policy And Procedures 5353
SC-02 Application Partitioning 5446
SC-03 Security Function Isolation 6749
SC-04 Information Remnance 7883
SC-05 Denial Of Service Protection 6483
SC-06 Resource Priority 4354
SC-07 Boundary Protection 10045
SC-08 Transmission Integrity 7568
SC-09 Transmission Confidentiality 7267
SC-10 Network Disconnect 4641
SC-11 Trusted Path 5461
SC-12 Cryptographic Key Establishment And Management 5874
SC-13 Use Of Cryptography 6586
SC-14 Public Access Protections 4213
SC-15 Collaborative Computing 5161
SC-16 Transmission Of Security Parameters 3326
SC-17 Public Key Infrastructure Certificates 3492
SC-18 Mobile Code 6557
SC-19 Voice Over Internet Protocol 3118
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5877
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3550
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3444
SC-23 Session Authenticity 6823
SI-01 System And Information Integrity Policy And Procedures 5039
SI-02 Flaw Remediation 8140
SI-03 Malicious Code Protection 8758
SI-04 Information System Monitoring Tools And Techniques 7677
SI-05 Security Alerts And Advisories 4817
SI-06 Security Functionality Verification 8596
SI-07 Software And Information Integrity 7877
SI-08 Spam Protection 3179
SI-09 Information Input Restrictions 3425
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8823
SI-11 Error Handling 5090
SI-12 Information Output Handling And Retention 4027