11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 9886
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 28834
13-05 Controls catalog SQL export 3713
AC-01 Access Control Policies and Procedures 19078
AC-02 Account Management 10512
AC-03 Access Enforcement 10787
AC-04 Information Flow Enforcement 11538
AC-05 Separation Of Duties 6740
AC-06 Least Privilege 6569
AC-07 Unsuccessful Login Attempts 6223
AC-08 System Use Notification 5270
AC-09 Previous Logon Notification 5745
AC-10 Concurrent Session Control 4968
AC-11 Session Lock 5457
AC-12 Session Termination 4996
AC-13 Supervision And Review -- Access Control 4303
AC-14 Permitted Actions Without Identification Or Authentication 4035
AC-15 Automated Marking 3343
AC-16 Automated Labeling 3086
AC-17 Remote Access 5430
AC-18 Wireless Access Restrictions 4902
AC-19 Access Control For Portable And Mobile Devices 5027
AC-20 Use Of External Information Systems 3931
AT-01 Security Awareness And Training Policy And Procedures 6210
AT-02 Security Awareness 6083
AT-03 Security Training 5737
AT-04 Security Training Records 4155
AT-05 Contacts With Security Groups And Associations 3087
AU-01 Audit And Accountability Policy And Procedures 6030
AU-02 Auditable Events 8421
AU-03 Content Of Audit Records 4895
AU-04 Audit Storage Capacity 4443
AU-05 Response To Audit Processing Failures 5233
AU-06 Audit Monitoring, Analysis, And Reporting 10860
AU-07 Audit Reduction And Report Generation 5819
AU-08 Time Stamps 4180
AU-09 Protection Of Audit Information 5321
AU-10 Non-Repudiation 6668
AU-11 Audit Record Retention 6300
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5770
CA-02 Security Assessments 6746
CA-03 Information System Connections 4192
CA-04 Security Certification 5175
CA-05 Plan Of Action And Milestones 4187
CA-06 Security Accreditation 4358
CA-07 Continuous Monitoring 6394
CM-01 Configuration Management Policy And Procedures 6210
CM-02 Baseline Configuration 7063
CM-03 Configuration Change Control 6476
CM-04 Monitoring Configuration Changes 4306
CM-05 Access Restrictions For Change 5100
CM-06 Configuration Settings 5144
CM-07 Least Functionality 7134
CM-08 Information System Component Inventory 5071
CP-01 Contingency Planning Policy And Procedures 4377
CP-02 Contingency Plan 4049
CP-03 Contingency Training 3729
CP-04 Contingency Plan Testing And Exercises 5783
CP-05 Contingency Plan Update 3507
CP-06 Alternate Storage Site 3799
CP-07 Alternate Processing Site 4684
CP-08 Telecommunications Services 2642
CP-09 Information System Backup 5326
CP-10 Information System Recovery And Reconstitution 4928
IA-01 Identification And Authentication Policy And Procedures 6085
IA-02 User Identification And Authentication 8853
IA-03 Device Identification And Authentication 7156
IA-04 Identifier Management 5013
IA-05 Authenticator Management 6334
IA-06 Authenticator Feedback 4270
IA-07 Cryptographic Module Authentication 6613
IR-01 Incident Response Policy And Procedures 4425
IR-02 Incident Response Training 4175
IR-03 Incident Response Testing And Exercises 6101
IR-04 Incident Handling 7090
IR-05 Incident Monitoring 4146
IR-06 Incident Reporting 4361
IR-07 Incident Response Assistance 4232
MA-01 System Maintenance Policy And Procedures 4353
MA-02 Controlled Maintenance 4460
MA-03 Maintenance Tools 4103
MA-04 Remote Maintenance 4252
MA-05 Maintenance Personnel 3515
MA-06 Timely Maintenance 3805
MP-01 Media Protection Policy And Procedures 4634
MP-02 Media Access 4261
MP-03 Media Labeling 3134
MP-04 Media Storage 3340
MP-05 Media Transport 3223
MP-06 Media Sanitization And Disposal 3400
PE-01 Physical And Environmental Protection Policy And Procedures 3960
PE-02 Physical Access Authorizations 3551
PE-03 Physical Access Control 4333
PE-04 Access Control For Transmission Medium 3129
PE-05 Access Control For Display Medium 3206
PE-06 Monitoring Physical Access 4027
PE-07 Visitor Control 2655
PE-08 Access Records 2479
PE-09 Power Equipment And Power Cabling 3313
PE-10 Emergency Shutoff 3181
PE-11 Emergency Power 3090
PE-12 Emergency Lighting 3011
PE-13 Fire Protection 3176
PE-14 Temperature And Humidity Controls 3201
PE-15 Water Damage Protection 3126
PE-16 Delivery And Removal 3055
PE-17 Alternate Work Site 2622
PE-18 Location Of Information System Components 2716
PE-19 Information Leakage 3021
PL-01 Security Planning Policy And Procedures 5951
PL-02 System Security Plan 3905
PL-03 System Security Plan Update 2475
PL-04 Rules Of Behavior 4771
PL-05 Privacy Impact Assessment 2870
PL-06 Security-Related Activity Planning 2659
PS-01 Personnel Security Policy And Procedures 3901
PS-02 Position Categorization 2856
PS-03 Personnel Screening 2674
PS-04 Personnel Termination 2596
PS-05 Personnel Transfer 2546
PS-06 Access Agreements 4073
PS-07 Third-Party Personnel Security 3752
PS-08 Personnel Sanctions 2762
RA-01 Risk Assessment Policy And Procedures 4314
RA-02 Security Categorization 5962
RA-03 Risk Assessment 5624
RA-04 Risk Assessment Update 4148
RA-05 Vulnerability Scanning 5794
SA-01 System And Services Acquisition Policy And Procedures 4982
SA-02 Allocation Of Resources 4493
SA-03 Life Cycle Support 4818
SA-04 Acquisitions 4671
SA-05 Information System Documentation 7848
SA-06 Software Usage Restrictions 4021
SA-07 User Installed Software 3620
SA-08 Security Engineering Principles 7777
SA-09 External Information System Services 4560
SA-10 Developer Configuration Management 3978
SA-11 Developer Security Testing 4080
SC-01 System And Communications Protection Policy And Procedures 4661
SC-02 Application Partitioning 4735
SC-03 Security Function Isolation 5873
SC-04 Information Remnance 7128
SC-05 Denial Of Service Protection 5627
SC-06 Resource Priority 3922
SC-07 Boundary Protection 8344
SC-08 Transmission Integrity 6577
SC-09 Transmission Confidentiality 6277
SC-10 Network Disconnect 4150
SC-11 Trusted Path 4747
SC-12 Cryptographic Key Establishment And Management 5078
SC-13 Use Of Cryptography 5762
SC-14 Public Access Protections 3760
SC-15 Collaborative Computing 4541
SC-16 Transmission Of Security Parameters 2925
SC-17 Public Key Infrastructure Certificates 3091
SC-18 Mobile Code 5772
SC-19 Voice Over Internet Protocol 2718
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5144
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3130
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3060
SC-23 Session Authenticity 5857
SI-01 System And Information Integrity Policy And Procedures 4533
SI-02 Flaw Remediation 7064
SI-03 Malicious Code Protection 7653
SI-04 Information System Monitoring Tools And Techniques 6202
SI-05 Security Alerts And Advisories 4234
SI-06 Security Functionality Verification 6284
SI-07 Software And Information Integrity 7201
SI-08 Spam Protection 2781
SI-09 Information Input Restrictions 3018
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 6918
SI-11 Error Handling 4453
SI-12 Information Output Handling And Retention 3529