11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 12349
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 34162
13-05 Controls catalog SQL export 4366
AC-01 Access Control Policies and Procedures 22524
AC-02 Account Management 12507
AC-03 Access Enforcement 14719
AC-04 Information Flow Enforcement 13646
AC-05 Separation Of Duties 8381
AC-06 Least Privilege 7918
AC-07 Unsuccessful Login Attempts 7387
AC-08 System Use Notification 6199
AC-09 Previous Logon Notification 6490
AC-10 Concurrent Session Control 5840
AC-11 Session Lock 6584
AC-12 Session Termination 6113
AC-13 Supervision And Review -- Access Control 5016
AC-14 Permitted Actions Without Identification Or Authentication 4959
AC-15 Automated Marking 3852
AC-16 Automated Labeling 3487
AC-17 Remote Access 6714
AC-18 Wireless Access Restrictions 5844
AC-19 Access Control For Portable And Mobile Devices 5901
AC-20 Use Of External Information Systems 5110
AT-01 Security Awareness And Training Policy And Procedures 7303
AT-02 Security Awareness 7038
AT-03 Security Training 6747
AT-04 Security Training Records 4741
AT-05 Contacts With Security Groups And Associations 3747
AU-01 Audit And Accountability Policy And Procedures 7157
AU-02 Auditable Events 10100
AU-03 Content Of Audit Records 5837
AU-04 Audit Storage Capacity 5196
AU-05 Response To Audit Processing Failures 6244
AU-06 Audit Monitoring, Analysis, And Reporting 12529
AU-07 Audit Reduction And Report Generation 6880
AU-08 Time Stamps 4875
AU-09 Protection Of Audit Information 6241
AU-10 Non-Repudiation 7495
AU-11 Audit Record Retention 7009
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6667
CA-02 Security Assessments 8160
CA-03 Information System Connections 5063
CA-04 Security Certification 5966
CA-05 Plan Of Action And Milestones 4841
CA-06 Security Accreditation 4950
CA-07 Continuous Monitoring 7472
CM-01 Configuration Management Policy And Procedures 7152
CM-02 Baseline Configuration 8324
CM-03 Configuration Change Control 7514
CM-04 Monitoring Configuration Changes 4900
CM-05 Access Restrictions For Change 5827
CM-06 Configuration Settings 6048
CM-07 Least Functionality 8367
CM-08 Information System Component Inventory 6024
CP-01 Contingency Planning Policy And Procedures 5236
CP-02 Contingency Plan 4744
CP-03 Contingency Training 4292
CP-04 Contingency Plan Testing And Exercises 6788
CP-05 Contingency Plan Update 3988
CP-06 Alternate Storage Site 4453
CP-07 Alternate Processing Site 5440
CP-08 Telecommunications Services 3093
CP-09 Information System Backup 6406
CP-10 Information System Recovery And Reconstitution 5758
IA-01 Identification And Authentication Policy And Procedures 7174
IA-02 User Identification And Authentication 10655
IA-03 Device Identification And Authentication 8393
IA-04 Identifier Management 5824
IA-05 Authenticator Management 7398
IA-06 Authenticator Feedback 4934
IA-07 Cryptographic Module Authentication 7783
IR-01 Incident Response Policy And Procedures 5307
IR-02 Incident Response Training 4797
IR-03 Incident Response Testing And Exercises 6853
IR-04 Incident Handling 8153
IR-05 Incident Monitoring 4775
IR-06 Incident Reporting 4984
IR-07 Incident Response Assistance 4859
MA-01 System Maintenance Policy And Procedures 5126
MA-02 Controlled Maintenance 5141
MA-03 Maintenance Tools 4747
MA-04 Remote Maintenance 4942
MA-05 Maintenance Personnel 4001
MA-06 Timely Maintenance 4333
MP-01 Media Protection Policy And Procedures 5310
MP-02 Media Access 4970
MP-03 Media Labeling 3614
MP-04 Media Storage 3860
MP-05 Media Transport 3729
MP-06 Media Sanitization And Disposal 4032
PE-01 Physical And Environmental Protection Policy And Procedures 4585
PE-02 Physical Access Authorizations 4095
PE-03 Physical Access Control 5147
PE-04 Access Control For Transmission Medium 3733
PE-05 Access Control For Display Medium 3652
PE-06 Monitoring Physical Access 4662
PE-07 Visitor Control 3106
PE-08 Access Records 2886
PE-09 Power Equipment And Power Cabling 3793
PE-10 Emergency Shutoff 3677
PE-11 Emergency Power 3469
PE-12 Emergency Lighting 3403
PE-13 Fire Protection 3637
PE-14 Temperature And Humidity Controls 3615
PE-15 Water Damage Protection 3569
PE-16 Delivery And Removal 3459
PE-17 Alternate Work Site 3036
PE-18 Location Of Information System Components 3088
PE-19 Information Leakage 3576
PL-01 Security Planning Policy And Procedures 6952
PL-02 System Security Plan 4549
PL-03 System Security Plan Update 2814
PL-04 Rules Of Behavior 5429
PL-05 Privacy Impact Assessment 3865
PL-06 Security-Related Activity Planning 3065
PS-01 Personnel Security Policy And Procedures 4564
PS-02 Position Categorization 3258
PS-03 Personnel Screening 3145
PS-04 Personnel Termination 2944
PS-05 Personnel Transfer 2867
PS-06 Access Agreements 4646
PS-07 Third-Party Personnel Security 4522
PS-08 Personnel Sanctions 3353
RA-01 Risk Assessment Policy And Procedures 5129
RA-02 Security Categorization 6701
RA-03 Risk Assessment 6695
RA-04 Risk Assessment Update 4698
RA-05 Vulnerability Scanning 7004
SA-01 System And Services Acquisition Policy And Procedures 5920
SA-02 Allocation Of Resources 5093
SA-03 Life Cycle Support 5645
SA-04 Acquisitions 5424
SA-05 Information System Documentation 9070
SA-06 Software Usage Restrictions 4654
SA-07 User Installed Software 4187
SA-08 Security Engineering Principles 8707
SA-09 External Information System Services 5459
SA-10 Developer Configuration Management 4679
SA-11 Developer Security Testing 4736
SC-01 System And Communications Protection Policy And Procedures 5526
SC-02 Application Partitioning 5633
SC-03 Security Function Isolation 6970
SC-04 Information Remnance 8058
SC-05 Denial Of Service Protection 6638
SC-06 Resource Priority 4465
SC-07 Boundary Protection 10428
SC-08 Transmission Integrity 7743
SC-09 Transmission Confidentiality 7451
SC-10 Network Disconnect 4750
SC-11 Trusted Path 5590
SC-12 Cryptographic Key Establishment And Management 6046
SC-13 Use Of Cryptography 6771
SC-14 Public Access Protections 4303
SC-15 Collaborative Computing 5282
SC-16 Transmission Of Security Parameters 3440
SC-17 Public Key Infrastructure Certificates 3582
SC-18 Mobile Code 6720
SC-19 Voice Over Internet Protocol 3201
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 6046
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3671
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3545
SC-23 Session Authenticity 7034
SI-01 System And Information Integrity Policy And Procedures 5184
SI-02 Flaw Remediation 8426
SI-03 Malicious Code Protection 8989
SI-04 Information System Monitoring Tools And Techniques 8002
SI-05 Security Alerts And Advisories 4936
SI-06 Security Functionality Verification 8729
SI-07 Software And Information Integrity 8027
SI-08 Spam Protection 3265
SI-09 Information Input Restrictions 3513
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8965
SI-11 Error Handling 5214
SI-12 Information Output Handling And Retention 4149