11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 9519
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 27937
13-05 Controls catalog SQL export 3630
AC-01 Access Control Policies and Procedures 18553
AC-02 Account Management 10186
AC-03 Access Enforcement 10413
AC-04 Information Flow Enforcement 11247
AC-05 Separation Of Duties 6552
AC-06 Least Privilege 6369
AC-07 Unsuccessful Login Attempts 6054
AC-08 System Use Notification 5107
AC-09 Previous Logon Notification 5644
AC-10 Concurrent Session Control 4851
AC-11 Session Lock 5316
AC-12 Session Termination 4852
AC-13 Supervision And Review -- Access Control 4169
AC-14 Permitted Actions Without Identification Or Authentication 3106
AC-15 Automated Marking 3278
AC-16 Automated Labeling 3035
AC-17 Remote Access 5214
AC-18 Wireless Access Restrictions 4757
AC-19 Access Control For Portable And Mobile Devices 4892
AC-20 Use Of External Information Systems 3801
AT-01 Security Awareness And Training Policy And Procedures 5993
AT-02 Security Awareness 5944
AT-03 Security Training 5578
AT-04 Security Training Records 4053
AT-05 Contacts With Security Groups And Associations 3009
AU-01 Audit And Accountability Policy And Procedures 5821
AU-02 Auditable Events 8143
AU-03 Content Of Audit Records 4751
AU-04 Audit Storage Capacity 4312
AU-05 Response To Audit Processing Failures 5082
AU-06 Audit Monitoring, Analysis, And Reporting 10571
AU-07 Audit Reduction And Report Generation 5631
AU-08 Time Stamps 4085
AU-09 Protection Of Audit Information 5190
AU-10 Non-Repudiation 6520
AU-11 Audit Record Retention 6172
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5612
CA-02 Security Assessments 6490
CA-03 Information System Connections 4070
CA-04 Security Certification 5071
CA-05 Plan Of Action And Milestones 4075
CA-06 Security Accreditation 4277
CA-07 Continuous Monitoring 6196
CM-01 Configuration Management Policy And Procedures 6078
CM-02 Baseline Configuration 6872
CM-03 Configuration Change Control 6285
CM-04 Monitoring Configuration Changes 4232
CM-05 Access Restrictions For Change 4984
CM-06 Configuration Settings 4995
CM-07 Least Functionality 6945
CM-08 Information System Component Inventory 4942
CP-01 Contingency Planning Policy And Procedures 4249
CP-02 Contingency Plan 3922
CP-03 Contingency Training 3647
CP-04 Contingency Plan Testing And Exercises 5636
CP-05 Contingency Plan Update 3442
CP-06 Alternate Storage Site 3725
CP-07 Alternate Processing Site 4580
CP-08 Telecommunications Services 2583
CP-09 Information System Backup 5131
CP-10 Information System Recovery And Reconstitution 4772
IA-01 Identification And Authentication Policy And Procedures 5922
IA-02 User Identification And Authentication 8560
IA-03 Device Identification And Authentication 6942
IA-04 Identifier Management 4884
IA-05 Authenticator Management 6176
IA-06 Authenticator Feedback 4152
IA-07 Cryptographic Module Authentication 6425
IR-01 Incident Response Policy And Procedures 4298
IR-02 Incident Response Training 4069
IR-03 Incident Response Testing And Exercises 5991
IR-04 Incident Handling 6894
IR-05 Incident Monitoring 4058
IR-06 Incident Reporting 4265
IR-07 Incident Response Assistance 4130
MA-01 System Maintenance Policy And Procedures 4219
MA-02 Controlled Maintenance 4351
MA-03 Maintenance Tools 4027
MA-04 Remote Maintenance 4125
MA-05 Maintenance Personnel 3454
MA-06 Timely Maintenance 3745
MP-01 Media Protection Policy And Procedures 4521
MP-02 Media Access 4181
MP-03 Media Labeling 3041
MP-04 Media Storage 3269
MP-05 Media Transport 3110
MP-06 Media Sanitization And Disposal 3301
PE-01 Physical And Environmental Protection Policy And Procedures 3851
PE-02 Physical Access Authorizations 3476
PE-03 Physical Access Control 4184
PE-04 Access Control For Transmission Medium 3038
PE-05 Access Control For Display Medium 3152
PE-06 Monitoring Physical Access 3920
PE-07 Visitor Control 2594
PE-08 Access Records 2451
PE-09 Power Equipment And Power Cabling 3257
PE-10 Emergency Shutoff 3126
PE-11 Emergency Power 3040
PE-12 Emergency Lighting 2958
PE-13 Fire Protection 3125
PE-14 Temperature And Humidity Controls 3138
PE-15 Water Damage Protection 3073
PE-16 Delivery And Removal 3005
PE-17 Alternate Work Site 2557
PE-18 Location Of Information System Components 2659
PE-19 Information Leakage 2957
PL-01 Security Planning Policy And Procedures 5821
PL-02 System Security Plan 3824
PL-03 System Security Plan Update 2428
PL-04 Rules Of Behavior 4673
PL-05 Privacy Impact Assessment 2817
PL-06 Security-Related Activity Planning 2598
PS-01 Personnel Security Policy And Procedures 3819
PS-02 Position Categorization 2802
PS-03 Personnel Screening 2626
PS-04 Personnel Termination 2561
PS-05 Personnel Transfer 2506
PS-06 Access Agreements 3995
PS-07 Third-Party Personnel Security 3648
PS-08 Personnel Sanctions 2700
RA-01 Risk Assessment Policy And Procedures 4227
RA-02 Security Categorization 5831
RA-03 Risk Assessment 5453
RA-04 Risk Assessment Update 4092
RA-05 Vulnerability Scanning 5579
SA-01 System And Services Acquisition Policy And Procedures 4834
SA-02 Allocation Of Resources 4409
SA-03 Life Cycle Support 4703
SA-04 Acquisitions 4547
SA-05 Information System Documentation 7654
SA-06 Software Usage Restrictions 3880
SA-07 User Installed Software 3550
SA-08 Security Engineering Principles 7614
SA-09 External Information System Services 4409
SA-10 Developer Configuration Management 3875
SA-11 Developer Security Testing 3968
SC-01 System And Communications Protection Policy And Procedures 4543
SC-02 Application Partitioning 4617
SC-03 Security Function Isolation 5740
SC-04 Information Remnance 6990
SC-05 Denial Of Service Protection 5492
SC-06 Resource Priority 3859
SC-07 Boundary Protection 8069
SC-08 Transmission Integrity 6392
SC-09 Transmission Confidentiality 6087
SC-10 Network Disconnect 4074
SC-11 Trusted Path 4649
SC-12 Cryptographic Key Establishment And Management 4918
SC-13 Use Of Cryptography 5594
SC-14 Public Access Protections 3688
SC-15 Collaborative Computing 4432
SC-16 Transmission Of Security Parameters 2839
SC-17 Public Key Infrastructure Certificates 3002
SC-18 Mobile Code 5637
SC-19 Voice Over Internet Protocol 2674
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5009
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3048
SC-22 Architecture And Provisioning For Name / Address Resolution Service 2980
SC-23 Session Authenticity 5693
SI-01 System And Information Integrity Policy And Procedures 4448
SI-02 Flaw Remediation 6822
SI-03 Malicious Code Protection 7428
SI-04 Information System Monitoring Tools And Techniques 5959
SI-05 Security Alerts And Advisories 4137
SI-06 Security Functionality Verification 6143
SI-07 Software And Information Integrity 7085
SI-08 Spam Protection 2715
SI-09 Information Input Restrictions 2951
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6760
SI-11 Error Handling 4338
SI-12 Information Output Handling And Retention 3439