13-05 All Controls
|
Hits: 31582
|
13-05 Control mapping (NIST 800-53 vs ISO 17799 / PCI-DSS v2 / COBIT 4.1
|
Hits: 75782
|
13-05 Controls catalog SQL export
|
Hits: 11259
|
AC-01 Access Control Policies and Procedures
|
Hits: 49760
|
AC-02 Account Management
|
Hits: 34023
|
AC-03 Access Enforcement
|
Hits: 37116
|
AC-04 Information Flow Enforcement
|
Hits: 38970
|
AC-05 Separation Of Duties
|
Hits: 21039
|
AC-06 Least Privilege
|
Hits: 20882
|
AC-07 Unsuccessful Login Attempts
|
Hits: 19520
|
AC-08 System Use Notification
|
Hits: 17519
|
AC-09 Previous Logon Notification
|
Hits: 14351
|
AC-10 Concurrent Session Control
|
Hits: 15988
|
AC-11 Session Lock
|
Hits: 18552
|
AC-12 Session Termination
|
Hits: 17702
|
AC-13 Supervision And Review -- Access Control
|
Hits: 13002
|
AC-14 Permitted Actions Without Identification Or Authentication
|
Hits: 11285
|
AC-15 Automated Marking
|
Hits: 10041
|
AC-16 Automated Labeling
|
Hits: 9258
|
AC-17 Remote Access
|
Hits: 19141
|
AC-18 Wireless Access Restrictions
|
Hits: 17652
|
AC-19 Access Control For Portable And Mobile Devices
|
Hits: 17384
|
AC-20 Use Of External Information Systems
|
Hits: 16911
|
AT-01 Security Awareness And Training Policy And Procedures
|
Hits: 19412
|
AT-02 Security Awareness
|
Hits: 17574
|
AT-03 Security Training
|
Hits: 17061
|
AT-04 Security Training Records
|
Hits: 11796
|
AT-05 Contacts With Security Groups And Associations
|
Hits: 9614
|
AU-01 Audit And Accountability Policy And Procedures
|
Hits: 20414
|
AU-02 Auditable Events
|
Hits: 27946
|
AU-03 Content Of Audit Records
|
Hits: 17350
|
AU-04 Audit Storage Capacity
|
Hits: 13849
|
AU-05 Response To Audit Processing Failures
|
Hits: 17031
|
AU-06 Audit Monitoring, Analysis, And Reporting
|
Hits: 36520
|
AU-07 Audit Reduction And Report Generation
|
Hits: 16822
|
AU-08 Time Stamps
|
Hits: 13747
|
AU-09 Protection Of Audit Information
|
Hits: 17793
|
AU-10 Non-Repudiation
|
Hits: 17822
|
AU-11 Audit Record Retention
|
Hits: 15433
|
CA-01 Certification, Accreditation, And Security Assessment Policies And Procedures
|
Hits: 17815
|
CA-02 Security Assessments
|
Hits: 21440
|
CA-03 Information System Connections
|
Hits: 12667
|
CA-04 Security Certification
|
Hits: 16001
|
CA-05 Plan Of Action And Milestones
|
Hits: 11824
|
CA-06 Security Accreditation
|
Hits: 13381
|
CA-07 Continuous Monitoring
|
Hits: 19858
|
CM-01 Configuration Management Policy And Procedures
|
Hits: 18486
|
CM-02 Baseline Configuration
|
Hits: 21552
|
CM-03 Configuration Change Control
|
Hits: 20301
|
CM-04 Monitoring Configuration Changes
|
Hits: 13700
|
CM-05 Access Restrictions For Change
|
Hits: 16718
|
CM-06 Configuration Settings
|
Hits: 18144
|
CM-07 Least Functionality
|
Hits: 24009
|
CM-08 Information System Component Inventory
|
Hits: 17849
|
CP-01 Contingency Planning Policy And Procedures
|
Hits: 13144
|
CP-02 Contingency Plan
|
Hits: 13654
|
CP-03 Contingency Training
|
Hits: 11221
|
CP-04 Contingency Plan Testing And Exercises
|
Hits: 19118
|
CP-05 Contingency Plan Update
|
Hits: 10263
|
CP-06 Alternate Storage Site
|
Hits: 11846
|
CP-07 Alternate Processing Site
|
Hits: 14119
|
CP-08 Telecommunications Services
|
Hits: 8583
|
CP-09 Information System Backup
|
Hits: 17120
|
CP-10 Information System Recovery And Reconstitution
|
Hits: 16092
|
IA-01 Identification And Authentication Policy And Procedures
|
Hits: 20242
|
IA-02 User Identification And Authentication
|
Hits: 28021
|
IA-03 Device Identification And Authentication
|
Hits: 23850
|
IA-04 Identifier Management
|
Hits: 17398
|
IA-05 Authenticator Management
|
Hits: 19511
|
IA-06 Authenticator Feedback
|
Hits: 14151
|
IA-07 Cryptographic Module Authentication
|
Hits: 20178
|
IR-01 Incident Response Policy And Procedures
|
Hits: 14808
|
IR-02 Incident Response Training
|
Hits: 12999
|
IR-03 Incident Response Testing And Exercises
|
Hits: 15141
|
IR-04 Incident Handling
|
Hits: 24306
|
IR-05 Incident Monitoring
|
Hits: 13222
|
IR-06 Incident Reporting
|
Hits: 13040
|
IR-07 Incident Response Assistance
|
Hits: 13558
|
MA-01 System Maintenance Policy And Procedures
|
Hits: 13165
|
MA-02 Controlled Maintenance
|
Hits: 14388
|
MA-03 Maintenance Tools
|
Hits: 12201
|
MA-04 Remote Maintenance
|
Hits: 14394
|
MA-05 Maintenance Personnel
|
Hits: 10149
|
MA-06 Timely Maintenance
|
Hits: 11204
|
MP-01 Media Protection Policy And Procedures
|
Hits: 12786
|
MP-02 Media Access
|
Hits: 13186
|
MP-03 Media Labeling
|
Hits: 9391
|
MP-04 Media Storage
|
Hits: 9857
|
MP-05 Media Transport
|
Hits: 10005
|
MP-06 Media Sanitization And Disposal
|
Hits: 11082
|
PE-01 Physical And Environmental Protection Policy And Procedures
|
Hits: 12329
|
PE-02 Physical Access Authorizations
|
Hits: 10916
|
PE-03 Physical Access Control
|
Hits: 14538
|
PE-04 Access Control For Transmission Medium
|
Hits: 10621
|
PE-05 Access Control For Display Medium
|
Hits: 9775
|
PE-06 Monitoring Physical Access
|
Hits: 12675
|
PE-07 Visitor Control
|
Hits: 8648
|
PE-08 Access Records
|
Hits: 7468
|
PE-09 Power Equipment And Power Cabling
|
Hits: 10185
|
PE-10 Emergency Shutoff
|
Hits: 9895
|
PE-11 Emergency Power
|
Hits: 9339
|
PE-12 Emergency Lighting
|
Hits: 9436
|
PE-13 Fire Protection
|
Hits: 9881
|
PE-14 Temperature And Humidity Controls
|
Hits: 9277
|
PE-15 Water Damage Protection
|
Hits: 9606
|
PE-16 Delivery And Removal
|
Hits: 9746
|
PE-17 Alternate Work Site
|
Hits: 7633
|
PE-18 Location Of Information System Components
|
Hits: 7649
|
PE-19 Information Leakage
|
Hits: 9533
|
PL-01 Security Planning Policy And Procedures
|
Hits: 16936
|
PL-02 System Security Plan
|
Hits: 12379
|
PL-03 System Security Plan Update
|
Hits: 6966
|
PL-04 Rules Of Behavior
|
Hits: 13691
|
PL-05 Privacy Impact Assessment
|
Hits: 9257
|
PL-06 Security-Related Activity Planning
|
Hits: 7213
|
PS-01 Personnel Security Policy And Procedures
|
Hits: 13980
|
PS-02 Position Categorization
|
Hits: 8002
|
PS-03 Personnel Screening
|
Hits: 8884
|
PS-04 Personnel Termination
|
Hits: 7379
|
PS-05 Personnel Transfer
|
Hits: 6948
|
PS-06 Access Agreements
|
Hits: 12885
|
PS-07 Third-Party Personnel Security
|
Hits: 12215
|
PS-08 Personnel Sanctions
|
Hits: 8799
|
RA-01 Risk Assessment Policy And Procedures
|
Hits: 12820
|
RA-02 Security Categorization
|
Hits: 15699
|
RA-03 Risk Assessment
|
Hits: 17983
|
RA-04 Risk Assessment Update
|
Hits: 12210
|
RA-05 Vulnerability Scanning
|
Hits: 21524
|
SA-01 System And Services Acquisition Policy And Procedures
|
Hits: 17496
|
SA-02 Allocation Of Resources
|
Hits: 13795
|
SA-03 Life Cycle Support
|
Hits: 15955
|
SA-04 Acquisitions
|
Hits: 14862
|
SA-05 Information System Documentation
|
Hits: 25263
|
SA-06 Software Usage Restrictions
|
Hits: 11991
|
SA-07 User Installed Software
|
Hits: 11631
|
SA-08 Security Engineering Principles
|
Hits: 19226
|
SA-09 External Information System Services
|
Hits: 14336
|
SA-10 Developer Configuration Management
|
Hits: 13097
|
SA-11 Developer Security Testing
|
Hits: 11312
|
SC-01 System And Communications Protection Policy And Procedures
|
Hits: 15340
|
SC-02 Application Partitioning
|
Hits: 14681
|
SC-03 Security Function Isolation
|
Hits: 17866
|
SC-04 Information Remnance
|
Hits: 18743
|
SC-05 Denial Of Service Protection
|
Hits: 17817
|
SC-06 Resource Priority
|
Hits: 12140
|
SC-07 Boundary Protection
|
Hits: 29970
|
SC-08 Transmission Integrity
|
Hits: 20541
|
SC-09 Transmission Confidentiality
|
Hits: 19205
|
SC-10 Network Disconnect
|
Hits: 12730
|
SC-11 Trusted Path
|
Hits: 15408
|
SC-12 Cryptographic Key Establishment And Management
|
Hits: 16728
|
SC-13 Use Of Cryptography
|
Hits: 18569
|
SC-14 Public Access Protections
|
Hits: 10538
|
SC-15 Collaborative Computing
|
Hits: 13301
|
SC-16 Transmission Of Security Parameters
|
Hits: 8078
|
SC-17 Public Key Infrastructure Certificates
|
Hits: 9089
|
SC-18 Mobile Code
|
Hits: 19095
|
SC-19 Voice Over Internet Protocol
|
Hits: 7624
|
SC-20 Secure Name / Address Resolution Service (Authoritative Source)
|
Hits: 18491
|
SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver)
|
Hits: 10341
|
SC-22 Architecture And Provisioning For Name / Address Resolution Service
|
Hits: 10170
|
SC-23 Session Authenticity
|
Hits: 19523
|
SI-01 System And Information Integrity Policy And Procedures
|
Hits: 13942
|
SI-02 Flaw Remediation
|
Hits: 26634
|
SI-03 Malicious Code Protection
|
Hits: 23354
|
SI-04 Information System Monitoring Tools And Techniques
|
Hits: 26017
|
SI-05 Security Alerts And Advisories
|
Hits: 14379
|
SI-06 Security Functionality Verification
|
Hits: 19881
|
SI-07 Software And Information Integrity
|
Hits: 18515
|
SI-08 Spam Protection
|
Hits: 9207
|
SI-09 Information Input Restrictions
|
Hits: 9431
|
SI-10 Information Accuracy, Completeness, Validity, And Authenticity
|
Hits: 18517
|
SI-11 Error Handling
|
Hits: 14321
|
SI-12 Information Output Handling And Retention
|
Hits: 11062
|