11.02 Control Catalog

Display #
Title Hits
13-05 All Controls 10681
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1 30457
13-05 Controls catalog SQL export 3923
AC-01 Access Control Policies and Procedures 20284
AC-02 Account Management 11165
AC-03 Access Enforcement 12821
AC-04 Information Flow Enforcement 12237
AC-05 Separation Of Duties 7132
AC-06 Least Privilege 7013
AC-07 Unsuccessful Login Attempts 6628
AC-08 System Use Notification 5622
AC-09 Previous Logon Notification 6013
AC-10 Concurrent Session Control 5282
AC-11 Session Lock 5865
AC-12 Session Termination 5353
AC-13 Supervision And Review -- Access Control 4533
AC-14 Permitted Actions Without Identification Or Authentication 4613
AC-15 Automated Marking 3519
AC-16 Automated Labeling 3224
AC-17 Remote Access 5818
AC-18 Wireless Access Restrictions 5213
AC-19 Access Control For Portable And Mobile Devices 5355
AC-20 Use Of External Information Systems 4273
AT-01 Security Awareness And Training Policy And Procedures 6628
AT-02 Security Awareness 6423
AT-03 Security Training 6107
AT-04 Security Training Records 4361
AT-05 Contacts With Security Groups And Associations 3283
AU-01 Audit And Accountability Policy And Procedures 6396
AU-02 Auditable Events 8977
AU-03 Content Of Audit Records 5238
AU-04 Audit Storage Capacity 4716
AU-05 Response To Audit Processing Failures 5575
AU-06 Audit Monitoring, Analysis, And Reporting 11491
AU-07 Audit Reduction And Report Generation 6200
AU-08 Time Stamps 4423
AU-09 Protection Of Audit Information 5656
AU-10 Non-Repudiation 6968
AU-11 Audit Record Retention 6551
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures 6072
CA-02 Security Assessments 7224
CA-03 Information System Connections 4427
CA-04 Security Certification 5436
CA-05 Plan Of Action And Milestones 4407
CA-06 Security Accreditation 4558
CA-07 Continuous Monitoring 6753
CM-01 Configuration Management Policy And Procedures 6519
CM-02 Baseline Configuration 7506
CM-03 Configuration Change Control 6815
CM-04 Monitoring Configuration Changes 4511
CM-05 Access Restrictions For Change 5367
CM-06 Configuration Settings 5487
CM-07 Least Functionality 7552
CM-08 Information System Component Inventory 5396
CP-01 Contingency Planning Policy And Procedures 4624
CP-02 Contingency Plan 4275
CP-03 Contingency Training 3954
CP-04 Contingency Plan Testing And Exercises 6111
CP-05 Contingency Plan Update 3690
CP-06 Alternate Storage Site 4016
CP-07 Alternate Processing Site 4975
CP-08 Telecommunications Services 2806
CP-09 Information System Backup 5687
CP-10 Information System Recovery And Reconstitution 5238
IA-01 Identification And Authentication Policy And Procedures 6443
IA-02 User Identification And Authentication 9406
IA-03 Device Identification And Authentication 7588
IA-04 Identifier Management 5305
IA-05 Authenticator Management 6696
IA-06 Authenticator Feedback 4501
IA-07 Cryptographic Module Authentication 7032
IR-01 Incident Response Policy And Procedures 4706
IR-02 Incident Response Training 4408
IR-03 Incident Response Testing And Exercises 6349
IR-04 Incident Handling 7503
IR-05 Incident Monitoring 4388
IR-06 Incident Reporting 4607
IR-07 Incident Response Assistance 4457
MA-01 System Maintenance Policy And Procedures 4632
MA-02 Controlled Maintenance 4697
MA-03 Maintenance Tools 4327
MA-04 Remote Maintenance 4465
MA-05 Maintenance Personnel 3713
MA-06 Timely Maintenance 4014
MP-01 Media Protection Policy And Procedures 4866
MP-02 Media Access 4528
MP-03 Media Labeling 3314
MP-04 Media Storage 3559
MP-05 Media Transport 3407
MP-06 Media Sanitization And Disposal 3623
PE-01 Physical And Environmental Protection Policy And Procedures 4149
PE-02 Physical Access Authorizations 3744
PE-03 Physical Access Control 4639
PE-04 Access Control For Transmission Medium 3312
PE-05 Access Control For Display Medium 3390
PE-06 Monitoring Physical Access 4274
PE-07 Visitor Control 2830
PE-08 Access Records 2619
PE-09 Power Equipment And Power Cabling 3504
PE-10 Emergency Shutoff 3359
PE-11 Emergency Power 3244
PE-12 Emergency Lighting 3162
PE-13 Fire Protection 3351
PE-14 Temperature And Humidity Controls 3369
PE-15 Water Damage Protection 3306
PE-16 Delivery And Removal 3210
PE-17 Alternate Work Site 2790
PE-18 Location Of Information System Components 2854
PE-19 Information Leakage 3219
PL-01 Security Planning Policy And Procedures 6268
PL-02 System Security Plan 4131
PL-03 System Security Plan Update 2598
PL-04 Rules Of Behavior 5003
PL-05 Privacy Impact Assessment 3020
PL-06 Security-Related Activity Planning 2804
PS-01 Personnel Security Policy And Procedures 4123
PS-02 Position Categorization 3005
PS-03 Personnel Screening 2838
PS-04 Personnel Termination 2722
PS-05 Personnel Transfer 2673
PS-06 Access Agreements 4286
PS-07 Third-Party Personnel Security 3992
PS-08 Personnel Sanctions 2925
RA-01 Risk Assessment Policy And Procedures 4598
RA-02 Security Categorization 6244
RA-03 Risk Assessment 6002
RA-04 Risk Assessment Update 4357
RA-05 Vulnerability Scanning 6206
SA-01 System And Services Acquisition Policy And Procedures 5307
SA-02 Allocation Of Resources 4696
SA-03 Life Cycle Support 5129
SA-04 Acquisitions 4947
SA-05 Information System Documentation 8268
SA-06 Software Usage Restrictions 4287
SA-07 User Installed Software 3837
SA-08 Security Engineering Principles 8136
SA-09 External Information System Services 4829
SA-10 Developer Configuration Management 4190
SA-11 Developer Security Testing 4313
SC-01 System And Communications Protection Policy And Procedures 4895
SC-02 Application Partitioning 5056
SC-03 Security Function Isolation 6205
SC-04 Information Remnance 7424
SC-05 Denial Of Service Protection 5980
SC-06 Resource Priority 4105
SC-07 Boundary Protection 8956
SC-08 Transmission Integrity 6975
SC-09 Transmission Confidentiality 6718
SC-10 Network Disconnect 4369
SC-11 Trusted Path 5099
SC-12 Cryptographic Key Establishment And Management 5385
SC-13 Use Of Cryptography 6133
SC-14 Public Access Protections 3975
SC-15 Collaborative Computing 4829
SC-16 Transmission Of Security Parameters 3107
SC-17 Public Key Infrastructure Certificates 3274
SC-18 Mobile Code 6088
SC-19 Voice Over Internet Protocol 2898
SC-20 Secure Name / Address Resolution Service (Authoritative Source) 5463
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 3324
SC-22 Architecture And Provisioning For Name / Address Resolution Service 3224
SC-23 Session Authenticity 6263
SI-01 System And Information Integrity Policy And Procedures 4736
SI-02 Flaw Remediation 7502
SI-03 Malicious Code Protection 8121
SI-04 Information System Monitoring Tools And Techniques 6787
SI-05 Security Alerts And Advisories 4507
SI-06 Security Functionality Verification 7875
SI-07 Software And Information Integrity 7494
SI-08 Spam Protection 2971
SI-09 Information Input Restrictions 3222
SI-10 Information Accuracy, Completeness, Validity, And Authenticity 8374
SI-11 Error Handling 4732
SI-12 Information Output Handling And Retention 3738