11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 10060
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 29151
13-05 Controls catalog SQL export 3747
AC-01 Access Control Policies and Procedures 19275
AC-02 Account Management 10633
AC-03 Access Enforcement 10925
AC-04 Information Flow Enforcement 11664
AC-05 Separation Of Duties 6812
AC-06 Least Privilege 6639
AC-07 Unsuccessful Login Attempts 6299
AC-08 System Use Notification 5331
AC-09 Previous Logon Notification 5780
AC-10 Concurrent Session Control 5020
AC-11 Session Lock 5522
AC-12 Session Termination 5054
AC-13 Supervision And Review -- Access Control 4343
AC-14 Permitted Actions Without Identification Or Authentication 4474
AC-15 Automated Marking 3373
AC-16 Automated Labeling 3105
AC-17 Remote Access 5483
AC-18 Wireless Access Restrictions 4958
AC-19 Access Control For Portable And Mobile Devices 5070
AC-20 Use Of External Information Systems 3980
AT-01 Security Awareness And Training Policy And Procedures 6283
AT-02 Security Awareness 6133
AT-03 Security Training 5801
AT-04 Security Training Records 4184
AT-05 Contacts With Security Groups And Associations 3110
AU-01 Audit And Accountability Policy And Procedures 6092
AU-02 Auditable Events 8493
AU-03 Content Of Audit Records 4930
AU-04 Audit Storage Capacity 4479
AU-05 Response To Audit Processing Failures 5287
AU-06 Audit Monitoring, Analysis, And Reporting 10953
AU-07 Audit Reduction And Report Generation 5863
AU-08 Time Stamps 4212
AU-09 Protection Of Audit Information 5358
AU-10 Non-Repudiation 6709
AU-11 Audit Record Retention 6327
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 5819
CA-02 Security Assessments 6818
CA-03 Information System Connections 4232
CA-04 Security Certification 5207
CA-05 Plan Of Action And Milestones 4221
CA-06 Security Accreditation 4383
CA-07 Continuous Monitoring 6447
CM-01 Configuration Management Policy And Procedures 6256
CM-02 Baseline Configuration 7110
CM-03 Configuration Change Control 6515
CM-04 Monitoring Configuration Changes 4327
CM-05 Access Restrictions For Change 5132
CM-06 Configuration Settings 5194
CM-07 Least Functionality 7197
CM-08 Information System Component Inventory 5125
CP-01 Contingency Planning Policy And Procedures 4418
CP-02 Contingency Plan 4078
CP-03 Contingency Training 3754
CP-04 Contingency Plan Testing And Exercises 5848
CP-05 Contingency Plan Update 3528
CP-06 Alternate Storage Site 3820
CP-07 Alternate Processing Site 4725
CP-08 Telecommunications Services 2660
CP-09 Information System Backup 5381
CP-10 Information System Recovery And Reconstitution 4969
IA-01 Identification And Authentication Policy And Procedures 6130
IA-02 User Identification And Authentication 8919
IA-03 Device Identification And Authentication 7219
IA-04 Identifier Management 5055
IA-05 Authenticator Management 6405
IA-06 Authenticator Feedback 4292
IA-07 Cryptographic Module Authentication 6694
IR-01 Incident Response Policy And Procedures 4458
IR-02 Incident Response Training 4210
IR-03 Incident Response Testing And Exercises 6133
IR-04 Incident Handling 7138
IR-05 Incident Monitoring 4177
IR-06 Incident Reporting 4396
IR-07 Incident Response Assistance 4258
MA-01 System Maintenance Policy And Procedures 4404
MA-02 Controlled Maintenance 4497
MA-03 Maintenance Tools 4122
MA-04 Remote Maintenance 4281
MA-05 Maintenance Personnel 3535
MA-06 Timely Maintenance 3834
MP-01 Media Protection Policy And Procedures 4666
MP-02 Media Access 4296
MP-03 Media Labeling 3159
MP-04 Media Storage 3367
MP-05 Media Transport 3244
MP-06 Media Sanitization And Disposal 3439
PE-01 Physical And Environmental Protection Policy And Procedures 3989
PE-02 Physical Access Authorizations 3578
PE-03 Physical Access Control 4379
PE-04 Access Control For Transmission Medium 3154
PE-05 Access Control For Display Medium 3224
PE-06 Monitoring Physical Access 4058
PE-07 Visitor Control 2678
PE-08 Access Records 2491
PE-09 Power Equipment And Power Cabling 3331
PE-10 Emergency Shutoff 3200
PE-11 Emergency Power 3106
PE-12 Emergency Lighting 3029
PE-13 Fire Protection 3198
PE-14 Temperature And Humidity Controls 3217
PE-15 Water Damage Protection 3147
PE-16 Delivery And Removal 3073
PE-17 Alternate Work Site 2645
PE-18 Location Of Information System Components 2734
PE-19 Information Leakage 3043
PL-01 Security Planning Policy And Procedures 5996
PL-02 System Security Plan 3938
PL-03 System Security Plan Update 2491
PL-04 Rules Of Behavior 4805
PL-05 Privacy Impact Assessment 2891
PL-06 Security-Related Activity Planning 2677
PS-01 Personnel Security Policy And Procedures 3929
PS-02 Position Categorization 2884
PS-03 Personnel Screening 2701
PS-04 Personnel Termination 2612
PS-05 Personnel Transfer 2561
PS-06 Access Agreements 4100
PS-07 Third-Party Personnel Security 3791
PS-08 Personnel Sanctions 2778
RA-01 Risk Assessment Policy And Procedures 4351
RA-02 Security Categorization 5989
RA-03 Risk Assessment 5676
RA-04 Risk Assessment Update 4165
RA-05 Vulnerability Scanning 5858
SA-01 System And Services Acquisition Policy And Procedures 5018
SA-02 Allocation Of Resources 4518
SA-03 Life Cycle Support 4860
SA-04 Acquisitions 4711
SA-05 Information System Documentation 7909
SA-06 Software Usage Restrictions 4074
SA-07 User Installed Software 3649
SA-08 Security Engineering Principles 7828
SA-09 External Information System Services 4598
SA-10 Developer Configuration Management 4009
SA-11 Developer Security Testing 4098
SC-01 System And Communications Protection Policy And Procedures 4690
SC-02 Application Partitioning 4769
SC-03 Security Function Isolation 5917
SC-04 Information Remnance 7168
SC-05 Denial Of Service Protection 5676
SC-06 Resource Priority 3941
SC-07 Boundary Protection 8435
SC-08 Transmission Integrity 6638
SC-09 Transmission Confidentiality 6352
SC-10 Network Disconnect 4183
SC-11 Trusted Path 4802
SC-12 Cryptographic Key Establishment And Management 5132
SC-13 Use Of Cryptography 5812
SC-14 Public Access Protections 3787
SC-15 Collaborative Computing 4585
SC-16 Transmission Of Security Parameters 2944
SC-17 Public Key Infrastructure Certificates 3122
SC-18 Mobile Code 5812
SC-19 Voice Over Internet Protocol 2736
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5206
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3151
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3083
SC-23 Session Authenticity 5907
SI-01 System And Information Integrity Policy And Procedures 4558
SI-02 Flaw Remediation 7136
SI-03 Malicious Code Protection 7726
SI-04 Information System Monitoring Tools And Techniques 6295
SI-05 Security Alerts And Advisories 4282
SI-06 Security Functionality Verification 6332
SI-07 Software And Information Integrity 7251
SI-08 Spam Protection 2812
SI-09 Information Input Restrictions 3053
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 7045
SI-11 Error Handling 4484
SI-12 Information Output Handling And Retention 3565