Skip to main content

💼 NIST SP 800-53 Revision 4

  • ID: /frameworks/nist-sp-800-53-r4

Description​

Empty...

Similar​

  • Internal
    • ID: dec-a-fec275af

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AC ACCESS CONTROL25617no data
 💼 AC-1 ACCESS CONTROL POLICY AND PROCEDURESno data
 💼 AC-2 ACCOUNT MANAGEMENT1336no data
  💼 AC-2 (1) AUTOMATED SYSTEM ACCOUNT MANAGEMENTno data
  💼 AC-2 (2) REMOVAL OF TEMPORARY _ EMERGENCY ACCOUNTSno data
  💼 AC-2 (3) DISABLE INACTIVE ACCOUNTSno data
  💼 AC-2 (4) AUTOMATED AUDIT ACTIONSno data
  💼 AC-2 (5) INACTIVITY LOGOUTno data
  💼 AC-2 (6) DYNAMIC PRIVILEGE MANAGEMENTno data
  💼 AC-2 (7) ROLE-BASED SCHEMES22no data
  💼 AC-2 (8) DYNAMIC ACCOUNT CREATIONno data
  💼 AC-2 (9) RESTRICTIONS ON USE OF SHARED _ GROUP ACCOUNTSno data
  💼 AC-2 (10) SHARED _ GROUP ACCOUNT CREDENTIAL TERMINATIONno data
  💼 AC-2 (11) USAGE CONDITIONSno data
  💼 AC-2 (12) ACCOUNT MONITORING _ ATYPICAL USAGEno data
  💼 AC-2 (13) DISABLE ACCOUNTS FOR HIGH-RISK INDIVIDUALSno data
 💼 AC-3 ACCESS ENFORCEMENT102no data
  💼 AC-3 (1) RESTRICTED ACCESS TO PRIVILEGED FUNCTIONSno data
  💼 AC-3 (2) DUAL AUTHORIZATIONno data
  💼 AC-3 (3) MANDATORY ACCESS CONTROLno data
  💼 AC-3 (4) DISCRETIONARY ACCESS CONTROLno data
  💼 AC-3 (5) SECURITY-RELEVANT INFORMATIONno data
  💼 AC-3 (6) PROTECTION OF USER AND SYSTEM INFORMATIONno data
  💼 AC-3 (7) ROLE-BASED ACCESS CONTROLno data
  💼 AC-3 (8) REVOCATION OF ACCESS AUTHORIZATIONSno data
  💼 AC-3 (9) CONTROLLED RELEASEno data
  💼 AC-3 (10) AUDITED OVERRIDE OF ACCESS CONTROL MECHANISMSno data
 💼 AC-4 INFORMATION FLOW ENFORCEMENT2211no data
  💼 AC-4 (1) OBJECT SECURITY ATTRIBUTESno data
  💼 AC-4 (2) PROCESSING DOMAINSno data
  💼 AC-4 (3) DYNAMIC INFORMATION FLOW CONTROLno data
  💼 AC-4 (4) CONTENT CHECK ENCRYPTED INFORMATIONno data
  💼 AC-4 (5) EMBEDDED DATA TYPES11no data
  💼 AC-4 (6) METADATAno data
  💼 AC-4 (7) ONE-WAY FLOW MECHANISMSno data
  💼 AC-4 (8) SECURITY POLICY FILTERSno data
  💼 AC-4 (9) HUMAN REVIEWSno data
  💼 AC-4 (10) ENABLE _ DISABLE SECURITY POLICY FILTERSno data
  💼 AC-4 (11) CONFIGURATION OF SECURITY POLICY FILTERSno data
  💼 AC-4 (12) DATA TYPE IDENTIFIERSno data
  💼 AC-4 (13) DECOMPOSITION INTO POLICY-RELEVANT SUBCOMPONENTSno data
  💼 AC-4 (14) SECURITY POLICY FILTER CONSTRAINTSno data
  💼 AC-4 (15) DETECTION OF UNSANCTIONED INFORMATIONno data
  💼 AC-4 (16) INFORMATION TRANSFERS ON INTERCONNECTED SYSTEMSno data
  💼 AC-4 (17) DOMAIN AUTHENTICATIONno data
  💼 AC-4 (18) SECURITY ATTRIBUTE BINDINGno data
  💼 AC-4 (19) VALIDATION OF METADATAno data
  💼 AC-4 (20) APPROVED SOLUTIONSno data
  💼 AC-4 (21) PHYSICAL _ LOGICAL SEPARATION OF INFORMATION FLOWSno data
  💼 AC-4 (22) ACCESS ONLYno data
 💼 AC-5 SEPARATION OF DUTIES34no data
 💼 AC-6 LEAST PRIVILEGE1027no data
  💼 AC-6 (1) AUTHORIZE ACCESS TO SECURITY FUNCTIONSno data
  💼 AC-6 (2) NON-PRIVILEGED ACCESS FOR NONSECURITY FUNCTIONSno data
  💼 AC-6 (3) NETWORK ACCESS TO PRIVILEGED COMMANDSno data
  💼 AC-6 (4) SEPARATE PROCESSING DOMAINSno data
  💼 AC-6 (5) PRIVILEGED ACCOUNTSno data
  💼 AC-6 (6) PRIVILEGED ACCESS BY NON-ORGANIZATIONAL USERSno data
  💼 AC-6 (7) REVIEW OF USER PRIVILEGESno data
  💼 AC-6 (8) PRIVILEGE LEVELS FOR CODE EXECUTIONno data
  💼 AC-6 (9) AUDITING USE OF PRIVILEGED FUNCTIONSno data
  💼 AC-6 (10) PROHIBIT NON-PRIVILEGED USERS FROM EXECUTING PRIVILEGED FUNCTIONS11no data
 💼 AC-7 UNSUCCESSFUL LOGON ATTEMPTS2no data
  💼 AC-7 (1) AUTOMATIC ACCOUNT LOCKno data
  💼 AC-7 (2) PURGE _ WIPE MOBILE DEVICEno data
 💼 AC-8 SYSTEM USE NOTIFICATIONno data
 💼 AC-9 PREVIOUS LOGON (ACCESS) NOTIFICATION4no data
  💼 AC-9 (1) UNSUCCESSFUL LOGONSno data
  💼 AC-9 (2) SUCCESSFUL _ UNSUCCESSFUL LOGONSno data
  💼 AC-9 (3) NOTIFICATION OF ACCOUNT CHANGESno data
  💼 AC-9 (4) ADDITIONAL LOGON INFORMATIONno data
 💼 AC-10 CONCURRENT SESSION CONTROLno data
 💼 AC-11 SESSION LOCK1no data
  💼 AC-11 (1) PATTERN-HIDING DISPLAYSno data
 💼 AC-12 SESSION TERMINATION1no data
  💼 AC-12 (1) USER-INITIATED LOGOUTS _ MESSAGE DISPLAYSno data
 💼 AC-13 SUPERVISION AND REVIEW - ACCESS CONTROLno data
 💼 AC-14 PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION1no data
  💼 AC-14 (1) NECESSARY USESno data
 💼 AC-15 AUTOMATED MARKINGno data
 💼 AC-16 SECURITY ATTRIBUTES10no data
  💼 AC-16 (1) DYNAMIC ATTRIBUTE ASSOCIATIONno data
  💼 AC-16 (2) ATTRIBUTE VALUE CHANGES BY AUTHORIZED INDIVIDUALSno data
  💼 AC-16 (3) MAINTENANCE OF ATTRIBUTE ASSOCIATIONS BY INFORMATION SYSTEMno data
  💼 AC-16 (4) ASSOCIATION OF ATTRIBUTES BY AUTHORIZED INDIVIDUALSno data
  💼 AC-16 (5) ATTRIBUTE DISPLAYS FOR OUTPUT DEVICESno data
  💼 AC-16 (6) MAINTENANCE OF ATTRIBUTE ASSOCIATION BY ORGANIZATIONno data
  💼 AC-16 (7) CONSISTENT ATTRIBUTE INTERPRETATIONno data
  💼 AC-16 (8) ASSOCIATION TECHNIQUES _ TECHNOLOGIESno data
  💼 AC-16 (9) ATTRIBUTE REASSIGNMENTno data
  💼 AC-16 (10) ATTRIBUTE CONFIGURATION BY AUTHORIZED INDIVIDUALSno data
 💼 AC-17 REMOTE ACCESS9no data
  💼 AC-17 (1) AUTOMATED MONITORING _ CONTROLno data
  💼 AC-17 (2) PROTECTION OF CONFIDENTIALITY _ INTEGRITY USING ENCRYPTIONno data
  💼 AC-17 (3) MANAGED ACCESS CONTROL POINTSno data
  💼 AC-17 (4) PRIVILEGED COMMANDS _ ACCESSno data
  💼 AC-17 (5) MONITORING FOR UNAUTHORIZED CONNECTIONSno data
  💼 AC-17 (6) PROTECTION OF INFORMATIONno data
  💼 AC-17 (7) ADDITIONAL PROTECTION FOR SECURITY FUNCTION ACCESSno data
  💼 AC-17 (8) DISABLE NONSECURE NETWORK PROTOCOLSno data
  💼 AC-17 (9) DISCONNECT _ DISABLE ACCESSno data
 💼 AC-18 WIRELESS ACCESS5no data
  💼 AC-18 (1) AUTHENTICATION AND ENCRYPTIONno data
  💼 AC-18 (2) MONITORING UNAUTHORIZED CONNECTIONSno data
  💼 AC-18 (3) DISABLE WIRELESS NETWORKINGno data
  💼 AC-18 (4) RESTRICT CONFIGURATIONS BY USERSno data
  💼 AC-18 (5) ANTENNAS _ TRANSMISSION POWER LEVELSno data
 💼 AC-19 ACCESS CONTROL FOR MOBILE DEVICES5no data
  💼 AC-19 (1) USE OF WRITABLE _ PORTABLE STORAGE DEVICESno data
  💼 AC-19 (2) USE OF PERSONALLY OWNED PORTABLE STORAGE DEVICESno data
  💼 AC-19 (3) USE OF PORTABLE STORAGE DEVICES WITH NO IDENTIFIABLE OWNERno data
  💼 AC-19 (4) RESTRICTIONS FOR CLASSIFIED INFORMATIONno data
  💼 AC-19 (5) FULL DEVICE _ CONTAINER-BASED ENCRYPTIONno data
 💼 AC-20 USE OF EXTERNAL INFORMATION SYSTEMS4no data
  💼 AC-20 (1) LIMITS ON AUTHORIZED USEno data
  💼 AC-20 (2) PORTABLE STORAGE DEVICESno data
  💼 AC-20 (3) NON-ORGANIZATIONALLY OWNED SYSTEMS _ COMPONENTS _ DEVICESno data
  💼 AC-20 (4) NETWORK ACCESSIBLE STORAGE DEVICESno data
 💼 AC-21 INFORMATION SHARING2no data
  💼 AC-21 (1) AUTOMATED DECISION SUPPORTno data
  💼 AC-21 (2) INFORMATION SEARCH AND RETRIEVALno data
 💼 AC-22 PUBLICLY ACCESSIBLE CONTENTno data
 💼 AC-23 DATA MINING PROTECTIONno data
 💼 AC-24 ACCESS CONTROL DECISIONS2no data
  💼 AC-24 (1) TRANSMIT ACCESS AUTHORIZATION INFORMATIONno data
  💼 AC-24 (2) NO USER OR PROCESS IDENTITYno data
 💼 AC-25 REFERENCE MONITORno data
💼 AT AWARENESS AND TRAINING5no data
 💼 AT-1 SECURITY AWARENESS AND TRAINING POLICY AND PROCEDURESno data
 💼 AT-2 SECURITY AWARENESS TRAINING2no data
  💼 AT-2 (1) PRACTICAL EXERCISESno data
  💼 AT-2 (2) INSIDER THREATno data
 💼 AT-3 ROLE-BASED SECURITY TRAINING4no data
  💼 AT-3 (1) ENVIRONMENTAL CONTROLSno data
  💼 AT-3 (2) PHYSICAL SECURITY CONTROLSno data
  💼 AT-3 (3) PRACTICAL EXERCISESno data
  💼 AT-3 (4) SUSPICIOUS COMMUNICATIONS AND ANOMALOUS SYSTEM BEHAVIORno data
 💼 AT-4 SECURITY TRAINING RECORDSno data
 💼 AT-5 CONTACTS WITH SECURITY GROUPS AND ASSOCIATIONSno data
💼 AU AUDIT AND ACCOUNTABILITY1669no data
 💼 AU-1 AUDIT AND ACCOUNTABILITY POLICY AND PROCEDURESno data
 💼 AU-2 AUDIT EVENTS434no data
  💼 AU-2 (1) COMPILATION OF AUDIT RECORDS FROM MULTIPLE SOURCESno data
  💼 AU-2 (2) SELECTION OF AUDIT EVENTS BY COMPONENTno data
  💼 AU-2 (3) REVIEWS AND UPDATESno data
  💼 AU-2 (4) PRIVILEGED FUNCTIONSno data
 💼 AU-3 CONTENT OF AUDIT RECORDS2no data
  💼 AU-3 (1) ADDITIONAL AUDIT INFORMATIONno data
  💼 AU-3 (2) CENTRALIZED MANAGEMENT OF PLANNED AUDIT RECORD CONTENTno data
 💼 AU-4 AUDIT STORAGE CAPACITY1no data
  💼 AU-4 (1) TRANSFER TO ALTERNATE STORAGEno data
 💼 AU-5 RESPONSE TO AUDIT PROCESSING FAILURES4no data
  💼 AU-5 (1) AUDIT STORAGE CAPACITYno data
  💼 AU-5 (2) REAL-TIME ALERTSno data
  💼 AU-5 (3) CONFIGURABLE TRAFFIC VOLUME THRESHOLDSno data
  💼 AU-5 (4) SHUTDOWN ON FAILUREno data
 💼 AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING1022no data
  💼 AU-6 (1) PROCESS INTEGRATIONno data
  💼 AU-6 (2) AUTOMATED SECURITY ALERTSno data
  💼 AU-6 (3) CORRELATE AUDIT REPOSITORIESno data
  💼 AU-6 (4) CENTRAL REVIEW AND ANALYSISno data
  💼 AU-6 (5) INTEGRATION _ SCANNING AND MONITORING CAPABILITIESno data
  💼 AU-6 (6) CORRELATION WITH PHYSICAL MONITORINGno data
  💼 AU-6 (7) PERMITTED ACTIONSno data
  💼 AU-6 (8) FULL TEXT ANALYSIS OF PRIVILEGED COMMANDSno data
  💼 AU-6 (9) CORRELATION WITH INFORMATION FROM NONTECHNICAL SOURCESno data
  💼 AU-6 (10) AUDIT LEVEL ADJUSTMENTno data
 💼 AU-7 AUDIT REDUCTION AND REPORT GENERATION2no data
  💼 AU-7 (1) AUTOMATIC PROCESSINGno data
  💼 AU-7 (2) AUTOMATIC SORT AND SEARCHno data
 💼 AU-8 TIME STAMPS2no data
  💼 AU-8 (1) SYNCHRONIZATION WITH AUTHORITATIVE TIME SOURCEno data
  💼 AU-8 (2) SECONDARY AUTHORITATIVE TIME SOURCEno data
 💼 AU-9 PROTECTION OF AUDIT INFORMATION6no data
  💼 AU-9 (1) HARDWARE WRITE-ONCE MEDIAno data
  💼 AU-9 (2) AUDIT BACKUP ON SEPARATE PHYSICAL SYSTEMS _ COMPONENTSno data
  💼 AU-9 (3) CRYPTOGRAPHIC PROTECTIONno data
  💼 AU-9 (4) ACCESS BY SUBSET OF PRIVILEGED USERSno data
  💼 AU-9 (5) DUAL AUTHORIZATIONno data
  💼 AU-9 (6) READ ONLY ACCESSno data
 💼 AU-10 NON-REPUDIATION511no data
  💼 AU-10 (1) ASSOCIATION OF IDENTITIESno data
  💼 AU-10 (2) VALIDATE BINDING OF INFORMATION PRODUCER IDENTITYno data
  💼 AU-10 (3) CHAIN OF CUSTODYno data
  💼 AU-10 (4) VALIDATE BINDING OF INFORMATION REVIEWER IDENTITYno data
  💼 AU-10 (5) DIGITAL SIGNATURESno data
 💼 AU-11 AUDIT RECORD RETENTION12no data
  💼 AU-11 (1) LONG-TERM RETRIEVAL CAPABILITYno data
 💼 AU-12 AUDIT GENERATION3no data
  💼 AU-12 (1) SYSTEM-WIDE _ TIME-CORRELATED AUDIT TRAILno data
  💼 AU-12 (2) STANDARDIZED FORMATSno data
  💼 AU-12 (3) CHANGES BY AUTHORIZED INDIVIDUALSno data
 💼 AU-13 MONITORING FOR INFORMATION DISCLOSURE2no data
  💼 AU-13 (1) USE OF AUTOMATED TOOLSno data
  💼 AU-13 (2) REVIEW OF MONITORED SITESno data
 💼 AU-14 SESSION AUDIT3no data
  💼 AU-14 (1) SYSTEM START-UPno data
  💼 AU-14 (2) CAPTURE_RECORD AND LOG CONTENTno data
  💼 AU-14 (3) REMOTE VIEWING _ LISTENINGno data
 💼 AU-15 ALTERNATE AUDIT CAPABILITYno data
 💼 AU-16 CROSS-ORGANIZATIONAL AUDITING2no data
  💼 AU-16 (1) IDENTITY PRESERVATIONno data
  💼 AU-16 (2) SHARING OF AUDIT INFORMATIONno data
💼 CA SECURITY ASSESSMENT AND AUTHORIZATION93no data
 💼 CA-1 SECURITY ASSESSMENT AND AUTHORIZATION POLICY AND PROCEDURESno data
 💼 CA-2 SECURITY ASSESSMENTS3no data
  💼 CA-2 (1) INDEPENDENT ASSESSORSno data
  💼 CA-2 (2) SPECIALIZED ASSESSMENTSno data
  💼 CA-2 (3) EXTERNAL ORGANIZATIONSno data
 💼 CA-3 SYSTEM INTERCONNECTIONS52no data
  💼 CA-3 (1) UNCLASSIFIED NATIONAL SECURITY SYSTEM CONNECTIONSno data
  💼 CA-3 (2) CLASSIFIED NATIONAL SECURITY SYSTEM CONNECTIONSno data
  💼 CA-3 (3) UNCLASSIFIED NON-NATIONAL SECURITY SYSTEM CONNECTIONSno data
  💼 CA-3 (4) CONNECTIONS TO PUBLIC NETWORKSno data
  💼 CA-3 (5) RESTRICTIONS ON EXTERNAL SYSTEM CONNECTIONSno data
 💼 CA-4 SECURITY CERTIFICATIONno data
 💼 CA-5 PLAN OF ACTION AND MILESTONES1no data
  💼 CA-5 (1) AUTOMATION SUPPORT FOR ACCURACY _ CURRENCYno data
 💼 CA-6 SECURITY AUTHORIZATIONno data
 💼 CA-7 CONTINUOUS MONITORING3no data
  💼 CA-7 (1) INDEPENDENT ASSESSMENTno data
  💼 CA-7 (2) TYPES OF ASSESSMENTSno data
  💼 CA-7 (3) TREND ANALYSESno data
 💼 CA-8 PENETRATION TESTING2no data
  💼 CA-8 (1) INDEPENDENT PENETRATION AGENT OR TEAMno data
  💼 CA-8 (2) RED TEAM EXERCISESno data
 💼 CA-9 INTERNAL SYSTEM CONNECTIONS11no data
  💼 CA-9 (1) SECURITY COMPLIANCE CHECKSno data
💼 CM CONFIGURATION MANAGEMENT1189no data
 💼 CM-1 CONFIGURATION MANAGEMENT POLICY AND PROCEDURESno data
 💼 CM-2 BASELINE CONFIGURATION711no data
  💼 CM-2 (1) REVIEWS AND UPDATESno data
  💼 CM-2 (2) AUTOMATION SUPPORT FOR ACCURACY _ CURRENCYno data
  💼 CM-2 (3) RETENTION OF PREVIOUS CONFIGURATIONSno data
  💼 CM-2 (4) UNAUTHORIZED SOFTWAREno data
  💼 CM-2 (5) AUTHORIZED SOFTWAREno data
  💼 CM-2 (6) DEVELOPMENT AND TEST ENVIRONMENTSno data
  💼 CM-2 (7) CONFIGURE SYSTEMS, COMPONENTS, OR DEVICES FOR HIGH-RISK AREASno data
 💼 CM-3 CONFIGURATION CHANGE CONTROL611no data
  💼 CM-3 (1) AUTOMATED DOCUMENT _ NOTIFICATION _ PROHIBITION OF CHANGESno data
  💼 CM-3 (2) TEST _ VALIDATE _ DOCUMENT CHANGESno data
  💼 CM-3 (3) AUTOMATED CHANGE IMPLEMENTATIONno data
  💼 CM-3 (4) SECURITY REPRESENTATIVEno data
  💼 CM-3 (5) AUTOMATED SECURITY RESPONSEno data
  💼 CM-3 (6) CRYPTOGRAPHY MANAGEMENT11no data
 💼 CM-4 SECURITY IMPACT ANALYSIS2no data
  💼 CM-4 (1) SEPARATE TEST ENVIRONMENTSno data
  💼 CM-4 (2) VERIFICATION OF SECURITY FUNCTIONSno data
 💼 CM-5 ACCESS RESTRICTIONS FOR CHANGE7no data
  💼 CM-5 (1) AUTOMATED ACCESS ENFORCEMENT _ AUDITINGno data
  💼 CM-5 (2) REVIEW SYSTEM CHANGESno data
  💼 CM-5 (3) SIGNED COMPONENTSno data
  💼 CM-5 (4) DUAL AUTHORIZATIONno data
  💼 CM-5 (5) LIMIT PRODUCTION _ OPERATIONAL PRIVILEGESno data
  💼 CM-5 (6) LIMIT LIBRARY PRIVILEGESno data
  💼 CM-5 (7) AUTOMATIC IMPLEMENTATION OF SECURITY SAFEGUARDSno data
 💼 CM-6 CONFIGURATION SETTINGS411no data
  💼 CM-6 (1) AUTOMATED CENTRAL MANAGEMENT _ APPLICATION _ VERIFICATIONno data
  💼 CM-6 (2) RESPOND TO UNAUTHORIZED CHANGESno data
  💼 CM-6 (3) UNAUTHORIZED CHANGE DETECTIONno data
  💼 CM-6 (4) CONFORMANCE DEMONSTRATIONno data
 💼 CM-7 LEAST FUNCTIONALITY567no data
  💼 CM-7 (1) PERIODIC REVIEW34no data
  💼 CM-7 (2) PREVENT PROGRAM EXECUTIONno data
  💼 CM-7 (3) REGISTRATION COMPLIANCEno data
  💼 CM-7 (4) UNAUTHORIZED SOFTWARE _ BLACKLISTINGno data
  💼 CM-7 (5) AUTHORIZED SOFTWARE _ WHITELISTINGno data
 💼 CM-8 INFORMATION SYSTEM COMPONENT INVENTORY912no data
  💼 CM-8 (1) UPDATES DURING INSTALLATIONS _ REMOVALSno data
  💼 CM-8 (2) AUTOMATED MAINTENANCEno data
  💼 CM-8 (3) AUTOMATED UNAUTHORIZED COMPONENT DETECTIONno data
  💼 CM-8 (4) ACCOUNTABILITY INFORMATIONno data
  💼 CM-8 (5) NO DUPLICATE ACCOUNTING OF COMPONENTSno data
  💼 CM-8 (6) ASSESSED CONFIGURATIONS _ APPROVED DEVIATIONSno data
  💼 CM-8 (7) CENTRALIZED REPOSITORYno data
  💼 CM-8 (8) AUTOMATED LOCATION TRACKINGno data
  💼 CM-8 (9) ASSIGNMENT OF COMPONENTS TO SYSTEMSno data
 💼 CM-9 CONFIGURATION MANAGEMENT PLAN1no data
  💼 CM-9 (1) ASSIGNMENT OF RESPONSIBILITYno data
 💼 CM-10 SOFTWARE USAGE RESTRICTIONS1no data
  💼 CM-10 (1) OPEN SOURCE SOFTWAREno data
 💼 CM-11 USER-INSTALLED SOFTWARE2no data
  💼 CM-11 (1) ALERTS FOR UNAUTHORIZED INSTALLATIONSno data
  💼 CM-11 (2) PROHIBIT INSTALLATION WITHOUT PRIVILEGED STATUSno data
💼 CP CONTINGENCY PLANNING131no data
 💼 CP-1 CONTINGENCY PLANNING POLICY AND PROCEDURESno data
 💼 CP-2 CONTINGENCY PLAN8no data
  💼 CP-2 (1) COORDINATE WITH RELATED PLANSno data
  💼 CP-2 (2) CAPACITY PLANNINGno data
  💼 CP-2 (3) RESUME ESSENTIAL MISSIONS _ BUSINESS FUNCTIONSno data
  💼 CP-2 (4) RESUME ALL MISSIONS _ BUSINESS FUNCTIONSno data
  💼 CP-2 (5) CONTINUE ESSENTIAL MISSIONS _ BUSINESS FUNCTIONSno data
  💼 CP-2 (6) ALTERNATE PROCESSING _ STORAGE SITEno data
  💼 CP-2 (7) COORDINATE WITH EXTERNAL SERVICE PROVIDERSno data
  💼 CP-2 (8) IDENTIFY CRITICAL ASSETSno data
 💼 CP-3 CONTINGENCY TRAINING2no data
  💼 CP-3 (1) SIMULATED EVENTSno data
  💼 CP-3 (2) AUTOMATED TRAINING ENVIRONMENTSno data
 💼 CP-4 CONTINGENCY PLAN TESTING4no data
  💼 CP-4 (1) COORDINATE WITH RELATED PLANSno data
  💼 CP-4 (2) ALTERNATE PROCESSING SITEno data
  💼 CP-4 (3) AUTOMATED TESTINGno data
  💼 CP-4 (4) FULL RECOVERY _ RECONSTITUTIONno data
 💼 CP-5 CONTINGENCY PLAN UPDATEno data
 💼 CP-6 ALTERNATE STORAGE SITE3no data
  💼 CP-6 (1) SEPARATION FROM PRIMARY SITEno data
  💼 CP-6 (2) RECOVERY TIME _ POINT OBJECTIVESno data
  💼 CP-6 (3) ACCESSIBILITYno data
 💼 CP-7 ALTERNATE PROCESSING SITE6no data
  💼 CP-7 (1) SEPARATION FROM PRIMARY SITEno data
  💼 CP-7 (2) ACCESSIBILITYno data
  💼 CP-7 (3) PRIORITY OF SERVICEno data
  💼 CP-7 (4) PREPARATION FOR USEno data
  💼 CP-7 (5) EQUIVALENT INFORMATION SECURITY SAFEGUARDSno data
  💼 CP-7 (6) INABILITY TO RETURN TO PRIMARY SITEno data
 💼 CP-8 TELECOMMUNICATIONS SERVICES5no data
  💼 CP-8 (1) PRIORITY OF SERVICE PROVISIONSno data
  💼 CP-8 (2) SINGLE POINTS OF FAILUREno data
  💼 CP-8 (3) SEPARATION OF PRIMARY _ ALTERNATE PROVIDERSno data
  💼 CP-8 (4) PROVIDER CONTINGENCY PLANno data
  💼 CP-8 (5) ALTERNATE TELECOMMUNICATION SERVICE TESTINGno data
 💼 CP-9 INFORMATION SYSTEM BACKUP71no data
  💼 CP-9 (1) TESTING FOR RELIABILITY _ INTEGRITYno data
  💼 CP-9 (2) TEST RESTORATION USING SAMPLINGno data
  💼 CP-9 (3) SEPARATE STORAGE FOR CRITICAL INFORMATIONno data
  💼 CP-9 (4) PROTECTION FROM UNAUTHORIZED MODIFICATIONno data
  💼 CP-9 (5) TRANSFER TO ALTERNATE STORAGE SITEno data
  💼 CP-9 (6) REDUNDANT SECONDARY SYSTEMno data
  💼 CP-9 (7) DUAL AUTHORIZATIONno data
 💼 CP-10 INFORMATION SYSTEM RECOVERY AND RECONSTITUTION6no data
  💼 CP-10 (1) CONTINGENCY PLAN TESTINGno data
  💼 CP-10 (2) TRANSACTION RECOVERYno data
  💼 CP-10 (3) COMPENSATING SECURITY CONTROLSno data
  💼 CP-10 (4) RESTORE WITHIN TIME PERIODno data
  💼 CP-10 (5) FAILOVER CAPABILITYno data
  💼 CP-10 (6) COMPONENT PROTECTIONno data
 💼 CP-11 ALTERNATE COMMUNICATIONS PROTOCOLSno data
 💼 CP-12 SAFE MODEno data
 💼 CP-13 ALTERNATIVE SECURITY MECHANISMSno data
💼 IA IDENTIFICATION AND AUTHENTICATION1145no data
 💼 IA-1 IDENTIFICATION AND AUTHENTICATION POLICY AND PROCEDURESno data
 💼 IA-2 IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)1312no data
  💼 IA-2 (1) NETWORK ACCESS TO PRIVILEGED ACCOUNTSno data
  💼 IA-2 (2) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTSno data
  💼 IA-2 (3) LOCAL ACCESS TO PRIVILEGED ACCOUNTSno data
  💼 IA-2 (4) LOCAL ACCESS TO NON-PRIVILEGED ACCOUNTSno data
  💼 IA-2 (5) GROUP AUTHENTICATIONno data
  💼 IA-2 (6) NETWORK ACCESS TO PRIVILEGED ACCOUNTS - SEPARATE DEVICEno data
  💼 IA-2 (7) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS - SEPARATE DEVICEno data
  💼 IA-2 (8) NETWORK ACCESS TO PRIVILEGED ACCOUNTS - REPLAY RESISTANTno data
  💼 IA-2 (9) NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS - REPLAY RESISTANTno data
  💼 IA-2 (10) SINGLE SIGN-ONno data
  💼 IA-2 (11) REMOTE ACCESS - SEPARATE DEVICEno data
  💼 IA-2 (12) ACCEPTANCE OF PIV CREDENTIALSno data
  💼 IA-2 (13) OUT-OF-BAND AUTHENTICATIONno data
 💼 IA-3 DEVICE IDENTIFICATION AND AUTHENTICATION411no data
  💼 IA-3 (1) CRYPTOGRAPHIC BIDIRECTIONAL AUTHENTICATIONno data
  💼 IA-3 (2) CRYPTOGRAPHIC BIDIRECTIONAL NETWORK AUTHENTICATIONno data
  💼 IA-3 (3) DYNAMIC ADDRESS ALLOCATIONno data
  💼 IA-3 (4) DEVICE ATTESTATIONno data
 💼 IA-4 IDENTIFIER MANAGEMENT7no data
  💼 IA-4 (1) PROHIBIT ACCOUNT IDENTIFIERS AS PUBLIC IDENTIFIERSno data
  💼 IA-4 (2) SUPERVISOR AUTHORIZATIONno data
  💼 IA-4 (3) MULTIPLE FORMS OF CERTIFICATIONno data
  💼 IA-4 (4) IDENTIFY USER STATUSno data
  💼 IA-4 (5) DYNAMIC MANAGEMENTno data
  💼 IA-4 (6) CROSS-ORGANIZATION MANAGEMENTno data
  💼 IA-4 (7) IN-PERSON REGISTRATIONno data
 💼 IA-5 AUTHENTICATOR MANAGEMENT1522no data
  💼 IA-5 (1) PASSWORD-BASED AUTHENTICATIONno data
  💼 IA-5 (2) PKI-BASED AUTHENTICATIONno data
  💼 IA-5 (3) IN-PERSON OR TRUSTED THIRD-PARTY REGISTRATIONno data
  💼 IA-5 (4) AUTOMATED SUPPORT FOR PASSWORD STRENGTH DETERMINATIONno data
  💼 IA-5 (5) CHANGE AUTHENTICATORS PRIOR TO DELIVERYno data
  💼 IA-5 (6) PROTECTION OF AUTHENTICATORSno data
  💼 IA-5 (7) NO EMBEDDED UNENCRYPTED STATIC AUTHENTICATORSno data
  💼 IA-5 (8) MULTIPLE INFORMATION SYSTEM ACCOUNTSno data
  💼 IA-5 (9) CROSS-ORGANIZATION CREDENTIAL MANAGEMENTno data
  💼 IA-5 (10) DYNAMIC CREDENTIAL ASSOCIATIONno data
  💼 IA-5 (11) HARDWARE TOKEN-BASED AUTHENTICATIONno data
  💼 IA-5 (12) BIOMETRIC-BASED AUTHENTICATIONno data
  💼 IA-5 (13) EXPIRATION OF CACHED AUTHENTICATORS11no data
  💼 IA-5 (14) MANAGING CONTENT OF PKI TRUST STORESno data
  💼 IA-5 (15) FICAM-APPROVED PRODUCTS AND SERVICESno data
 💼 IA-6 AUTHENTICATOR FEEDBACKno data
 💼 IA-7 CRYPTOGRAPHIC MODULE AUTHENTICATIONno data
 💼 IA-8 IDENTIFICATION AND AUTHENTICATION (NON-ORGANIZATIONAL USERS)5no data
  💼 IA-8 (1) ACCEPTANCE OF PIV CREDENTIALS FROM OTHER AGENCIESno data
  💼 IA-8 (2) ACCEPTANCE OF THIRD-PARTY CREDENTIALSno data
  💼 IA-8 (3) USE OF FICAM-APPROVED PRODUCTSno data
  💼 IA-8 (4) USE OF FICAM-ISSUED PROFILESno data
  💼 IA-8 (5) ACCEPTANCE OF PIV-I CREDENTIALSno data
 💼 IA-9 SERVICE IDENTIFICATION AND AUTHENTICATION2no data
  💼 IA-9 (1) INFORMATION EXCHANGEno data
  💼 IA-9 (2) TRANSMISSION OF DECISIONSno data
 💼 IA-10 ADAPTIVE IDENTIFICATION AND AUTHENTICATIONno data
 💼 IA-11 RE-AUTHENTICATIONno data
💼 IR INCIDENT RESPONSE10no data
 💼 IR-1 INCIDENT RESPONSE POLICY AND PROCEDURESno data
 💼 IR-2 INCIDENT RESPONSE TRAINING2no data
  💼 IR-2 (1) SIMULATED EVENTSno data
  💼 IR-2 (2) AUTOMATED TRAINING ENVIRONMENTSno data
 💼 IR-3 INCIDENT RESPONSE TESTING2no data
  💼 IR-3 (1) AUTOMATED TESTINGno data
  💼 IR-3 (2) COORDINATION WITH RELATED PLANSno data
 💼 IR-4 INCIDENT HANDLING10no data
  💼 IR-4 (1) AUTOMATED INCIDENT HANDLING PROCESSESno data
  💼 IR-4 (2) DYNAMIC RECONFIGURATIONno data
  💼 IR-4 (3) CONTINUITY OF OPERATIONSno data
  💼 IR-4 (4) INFORMATION CORRELATIONno data
  💼 IR-4 (5) AUTOMATIC DISABLING OF INFORMATION SYSTEMno data
  💼 IR-4 (6) INSIDER THREATS - SPECIFIC CAPABILITIESno data
  💼 IR-4 (7) INSIDER THREATS - INTRA-ORGANIZATION COORDINATIONno data
  💼 IR-4 (8) CORRELATION WITH EXTERNAL ORGANIZATIONSno data
  💼 IR-4 (9) DYNAMIC RESPONSE CAPABILITYno data
  💼 IR-4 (10) SUPPLY CHAIN COORDINATIONno data
 💼 IR-5 INCIDENT MONITORING1no data
  💼 IR-5 (1) AUTOMATED TRACKING _ DATA COLLECTION _ ANALYSISno data
 💼 IR-6 INCIDENT REPORTING3no data
  💼 IR-6 (1) AUTOMATED REPORTINGno data
  💼 IR-6 (2) VULNERABILITIES RELATED TO INCIDENTSno data
  💼 IR-6 (3) COORDINATION WITH SUPPLY CHAINno data
 💼 IR-7 INCIDENT RESPONSE ASSISTANCE2no data
  💼 IR-7 (1) AUTOMATION SUPPORT FOR AVAILABILITY OF INFORMATION _ SUPPORTno data
  💼 IR-7 (2) COORDINATION WITH EXTERNAL PROVIDERSno data
 💼 IR-8 INCIDENT RESPONSE PLANno data
 💼 IR-9 INFORMATION SPILLAGE RESPONSE4no data
  💼 IR-9 (1) RESPONSIBLE PERSONNELno data
  💼 IR-9 (2) TRAININGno data
  💼 IR-9 (3) POST-SPILL OPERATIONSno data
  💼 IR-9 (4) EXPOSURE TO UNAUTHORIZED PERSONNELno data
 💼 IR-10 INTEGRATED INFORMATION SECURITY ANALYSIS TEAMno data
💼 MA MAINTENANCE6no data
 💼 MA-1 SYSTEM MAINTENANCE POLICY AND PROCEDURESno data
 💼 MA-2 CONTROLLED MAINTENANCE2no data
  💼 MA-2 (1) RECORD CONTENTno data
  💼 MA-2 (2) AUTOMATED MAINTENANCE ACTIVITIESno data
 💼 MA-3 MAINTENANCE TOOLS4no data
  💼 MA-3 (1) INSPECT TOOLSno data
  💼 MA-3 (2) INSPECT MEDIAno data
  💼 MA-3 (3) PREVENT UNAUTHORIZED REMOVALno data
  💼 MA-3 (4) RESTRICTED TOOL USEno data
 💼 MA-4 NONLOCAL MAINTENANCE7no data
  💼 MA-4 (1) AUDITING AND REVIEWno data
  💼 MA-4 (2) DOCUMENT NONLOCAL MAINTENANCEno data
  💼 MA-4 (3) COMPARABLE SECURITY _ SANITIZATIONno data
  💼 MA-4 (4) AUTHENTICATION _ SEPARATION OF MAINTENANCE SESSIONSno data
  💼 MA-4 (5) APPROVALS AND NOTIFICATIONSno data
  💼 MA-4 (6) CRYPTOGRAPHIC PROTECTIONno data
  💼 MA-4 (7) REMOTE DISCONNECT VERIFICATIONno data
 💼 MA-5 MAINTENANCE PERSONNEL5no data
  💼 MA-5 (1) INDIVIDUALS WITHOUT APPROPRIATE ACCESSno data
  💼 MA-5 (2) SECURITY CLEARANCES FOR CLASSIFIED SYSTEMSno data
  💼 MA-5 (3) CITIZENSHIP REQUIREMENTS FOR CLASSIFIED SYSTEMSno data
  💼 MA-5 (4) FOREIGN NATIONALSno data
  💼 MA-5 (5) NONSYSTEM-RELATED MAINTENANCEno data
 💼 MA-6 TIMELY MAINTENANCE3no data
  💼 MA-6 (1) PREVENTIVE MAINTENANCEno data
  💼 MA-6 (2) PREDICTIVE MAINTENANCEno data
  💼 MA-6 (3) AUTOMATED SUPPORT FOR PREDICTIVE MAINTENANCEno data
💼 MP MEDIA PROTECTION8no data
 💼 MP-1 MEDIA PROTECTION POLICY AND PROCEDURESno data
 💼 MP-2 MEDIA ACCESS2no data
  💼 MP-2 (1) AUTOMATED RESTRICTED ACCESSno data
  💼 MP-2 (2) CRYPTOGRAPHIC PROTECTIONno data
 💼 MP-3 MEDIA MARKINGno data
 💼 MP-4 MEDIA STORAGE2no data
  💼 MP-4 (1) CRYPTOGRAPHIC PROTECTIONno data
  💼 MP-4 (2) AUTOMATED RESTRICTED ACCESSno data
 💼 MP-5 MEDIA TRANSPORT4no data
  💼 MP-5 (1) PROTECTION OUTSIDE OF CONTROLLED AREASno data
  💼 MP-5 (2) DOCUMENTATION OF ACTIVITIESno data
  💼 MP-5 (3) CUSTODIANSno data
  💼 MP-5 (4) CRYPTOGRAPHIC PROTECTIONno data
 💼 MP-6 MEDIA SANITIZATION8no data
  💼 MP-6 (1) REVIEW _ APPROVE _ TRACK _ DOCUMENT _ VERIFYno data
  💼 MP-6 (2) EQUIPMENT TESTINGno data
  💼 MP-6 (3) NONDESTRUCTIVE TECHNIQUESno data
  💼 MP-6 (4) CONTROLLED UNCLASSIFIED INFORMATIONno data
  💼 MP-6 (5) CLASSIFIED INFORMATIONno data
  💼 MP-6 (6) MEDIA DESTRUCTIONno data
  💼 MP-6 (7) DUAL AUTHORIZATIONno data
  💼 MP-6 (8) REMOTE PURGING _ WIPING OF INFORMATIONno data
 💼 MP-7 MEDIA USE2no data
  💼 MP-7 (1) PROHIBIT USE WITHOUT OWNERno data
  💼 MP-7 (2) PROHIBIT USE OF SANITIZATION-RESISTANT MEDIAno data
 💼 MP-8 MEDIA DOWNGRADING4no data
  💼 MP-8 (1) DOCUMENTATION OF PROCESSno data
  💼 MP-8 (2) EQUIPMENT TESTINGno data
  💼 MP-8 (3) CONTROLLED UNCLASSIFIED INFORMATIONno data
  💼 MP-8 (4) CLASSIFIED INFORMATIONno data
💼 PE PHYSICAL AND ENVIRONMENTAL PROTECTION20no data
 💼 PE-1 PHYSICAL AND ENVIRONMENTAL PROTECTION POLICY AND PROCEDURESno data
 💼 PE-2 PHYSICAL ACCESS AUTHORIZATIONS3no data
  💼 PE-2 (1) ACCESS BY POSITION _ ROLEno data
  💼 PE-2 (2) TWO FORMS OF IDENTIFICATIONno data
  💼 PE-2 (3) RESTRICT UNESCORTED ACCESSno data
 💼 PE-3 PHYSICAL ACCESS CONTROL6no data
  💼 PE-3 (1) INFORMATION SYSTEM ACCESSno data
  💼 PE-3 (2) FACILITY _ INFORMATION SYSTEM BOUNDARIESno data
  💼 PE-3 (3) CONTINUOUS GUARDS _ ALARMS _ MONITORINGno data
  💼 PE-3 (4) LOCKABLE CASINGSno data
  💼 PE-3 (5) TAMPER PROTECTIONno data
  💼 PE-3 (6) FACILITY PENETRATION TESTINGno data
 💼 PE-4 ACCESS CONTROL FOR TRANSMISSION MEDIUMno data
 💼 PE-5 ACCESS CONTROL FOR OUTPUT DEVICES3no data
  💼 PE-5 (1) ACCESS TO OUTPUT BY AUTHORIZED INDIVIDUALSno data
  💼 PE-5 (2) ACCESS TO OUTPUT BY INDIVIDUAL IDENTITYno data
  💼 PE-5 (3) MARKING OUTPUT DEVICESno data
 💼 PE-6 MONITORING PHYSICAL ACCESS4no data
  💼 PE-6 (1) INTRUSION ALARMS _ SURVEILLANCE EQUIPMENTno data
  💼 PE-6 (2) AUTOMATED INTRUSION RECOGNITION _ RESPONSESno data
  💼 PE-6 (3) VIDEO SURVEILLANCEno data
  💼 PE-6 (4) MONITORING PHYSICAL ACCESS TO INFORMATION SYSTEMSno data
 💼 PE-7 VISITOR CONTROLno data
 💼 PE-8 VISITOR ACCESS RECORDS2no data
  💼 PE-8 (1) AUTOMATED RECORDS MAINTENANCE _ REVIEWno data
  💼 PE-8 (2) PHYSICAL ACCESS RECORDSno data
 💼 PE-9 POWER EQUIPMENT AND CABLING2no data
  💼 PE-9 (1) REDUNDANT CABLINGno data
  💼 PE-9 (2) AUTOMATIC VOLTAGE CONTROLSno data
 💼 PE-10 EMERGENCY SHUTOFF1no data
  💼 PE-10 (1) ACCIDENTAL _ UNAUTHORIZED ACTIVATIONno data
 💼 PE-11 EMERGENCY POWER2no data
  💼 PE-11 (1) LONG-TERM ALTERNATE POWER SUPPLY - MINIMAL OPERATIONAL CAPABILITYno data
  💼 PE-11 (2) LONG-TERM ALTERNATE POWER SUPPLY - SELF-CONTAINEDno data
 💼 PE-12 EMERGENCY LIGHTING1no data
  💼 PE-12 (1) ESSENTIAL MISSIONS _ BUSINESS FUNCTIONSno data
 💼 PE-13 FIRE PROTECTION4no data
  💼 PE-13 (1) DETECTION DEVICES _ SYSTEMSno data
  💼 PE-13 (2) SUPPRESSION DEVICES _ SYSTEMSno data
  💼 PE-13 (3) AUTOMATIC FIRE SUPPRESSIONno data
  💼 PE-13 (4) INSPECTIONSno data
 💼 PE-14 TEMPERATURE AND HUMIDITY CONTROLS2no data
  💼 PE-14 (1) AUTOMATIC CONTROLSno data
  💼 PE-14 (2) MONITORING WITH ALARMS _ NOTIFICATIONSno data
 💼 PE-15 WATER DAMAGE PROTECTION1no data
  💼 PE-15 (1) AUTOMATION SUPPORTno data
 💼 PE-16 DELIVERY AND REMOVALno data
 💼 PE-17 ALTERNATE WORK SITEno data
 💼 PE-18 LOCATION OF INFORMATION SYSTEM COMPONENTS1no data
  💼 PE-18 (1) FACILITY SITEno data
 💼 PE-19 INFORMATION LEAKAGE1no data
  💼 PE-19 (1) NATIONAL EMISSIONS _ TEMPEST POLICIES AND PROCEDURESno data
 💼 PE-20 ASSET MONITORING AND TRACKINGno data
💼 PL PLANNING912no data
 💼 PL-1 SECURITY PLANNING POLICY AND PROCEDURESno data
 💼 PL-2 SYSTEM SECURITY PLAN312no data
  💼 PL-2 (1) CONCEPT OF OPERATIONSno data
  💼 PL-2 (2) FUNCTIONAL ARCHITECTUREno data
  💼 PL-2 (3) PLAN _ COORDINATE WITH OTHER ORGANIZATIONAL ENTITIESno data
 💼 PL-3 SYSTEM SECURITY PLAN UPDATEno data
 💼 PL-4 RULES OF BEHAVIOR1no data
  💼 PL-4 (1) SOCIAL MEDIA AND NETWORKING RESTRICTIONSno data
 💼 PL-5 PRIVACY IMPACT ASSESSMENTno data
 💼 PL-6 SECURITY-RELATED ACTIVITY PLANNINGno data
 💼 PL-7 SECURITY CONCEPT OF OPERATIONSno data
 💼 PL-8 INFORMATION SECURITY ARCHITECTURE2no data
  💼 PL-8 (1) DEFENSE-IN-DEPTHno data
  💼 PL-8 (2) SUPPLIER DIVERSITYno data
 💼 PL-9 CENTRAL MANAGEMENTno data
💼 PS PERSONNEL SECURITY8no data
 💼 PS-1 PERSONNEL SECURITY POLICY AND PROCEDURESno data
 💼 PS-2 POSITION RISK DESIGNATIONno data
 💼 PS-3 PERSONNEL SCREENING3no data
  💼 PS-3 (1) CLASSIFIED INFORMATIONno data
  💼 PS-3 (2) FORMAL INDOCTRINATIONno data
  💼 PS-3 (3) INFORMATION WITH SPECIAL PROTECTION MEASURESno data
 💼 PS-4 PERSONNEL TERMINATION2no data
  💼 PS-4 (1) POST-EMPLOYMENT REQUIREMENTSno data
  💼 PS-4 (2) AUTOMATED NOTIFICATIONno data
 💼 PS-5 PERSONNEL TRANSFERno data
 💼 PS-6 ACCESS AGREEMENTS3no data
  💼 PS-6 (1) INFORMATION REQUIRING SPECIAL PROTECTIONno data
  💼 PS-6 (2) CLASSIFIED INFORMATION REQUIRING SPECIAL PROTECTIONno data
  💼 PS-6 (3) POST-EMPLOYMENT REQUIREMENTSno data
 💼 PS-7 THIRD-PARTY PERSONNEL SECURITYno data
 💼 PS-8 PERSONNEL SANCTIONSno data
💼 RA RISK ASSESSMENT6no data
 💼 RA-1 RISK ASSESSMENT POLICY AND PROCEDURESno data
 💼 RA-2 SECURITY CATEGORIZATIONno data
 💼 RA-3 RISK ASSESSMENTno data
 💼 RA-4 RISK ASSESSMENT UPDATEno data
 💼 RA-5 VULNERABILITY SCANNING10no data
  💼 RA-5 (1) UPDATE TOOL CAPABILITYno data
  💼 RA-5 (2) UPDATE BY FREQUENCY _ PRIOR TO NEW SCAN _ WHEN IDENTIFIEDno data
  💼 RA-5 (3) BREADTH _ DEPTH OF COVERAGEno data
  💼 RA-5 (4) DISCOVERABLE INFORMATIONno data
  💼 RA-5 (5) PRIVILEGED ACCESSno data
  💼 RA-5 (6) AUTOMATED TREND ANALYSESno data
  💼 RA-5 (7) AUTOMATED DETECTION AND NOTIFICATION OF UNAUTHORIZED COMPONENTSno data
  💼 RA-5 (8) REVIEW HISTORIC AUDIT LOGSno data
  💼 RA-5 (9) PENETRATION TESTING AND ANALYSESno data
  💼 RA-5 (10) CORRELATE SCANNING INFORMATIONno data
 💼 RA-6 TECHNICAL SURVEILLANCE COUNTERMEASURES SURVEYno data
💼 SA SYSTEM AND SERVICES ACQUISITION22no data
 💼 SA-1 SYSTEM AND SERVICES ACQUISITION POLICY AND PROCEDURESno data
 💼 SA-2 ALLOCATION OF RESOURCESno data
 💼 SA-3 SYSTEM DEVELOPMENT LIFE CYCLEno data
 💼 SA-4 ACQUISITION PROCESS10no data
  💼 SA-4 (1) FUNCTIONAL PROPERTIES OF SECURITY CONTROLSno data
  💼 SA-4 (2) DESIGN _ IMPLEMENTATION INFORMATION FOR SECURITY CONTROLSno data
  💼 SA-4 (3) DEVELOPMENT METHODS _ TECHNIQUES _ PRACTICESno data
  💼 SA-4 (4) ASSIGNMENT OF COMPONENTS TO SYSTEMSno data
  💼 SA-4 (5) SYSTEM _ COMPONENT _ SERVICE CONFIGURATIONSno data
  💼 SA-4 (6) USE OF INFORMATION ASSURANCE PRODUCTSno data
  💼 SA-4 (7) NIAP-APPROVED PROTECTION PROFILESno data
  💼 SA-4 (8) CONTINUOUS MONITORING PLANno data
  💼 SA-4 (9) FUNCTIONS _ PORTS _ PROTOCOLS _ SERVICES IN USEno data
  💼 SA-4 (10) USE OF APPROVED PIV PRODUCTSno data
 💼 SA-5 INFORMATION SYSTEM DOCUMENTATION5no data
  💼 SA-5 (1) FUNCTIONAL PROPERTIES OF SECURITY CONTROLSno data
  💼 SA-5 (2) SECURITY-RELEVANT EXTERNAL SYSTEM INTERFACESno data
  💼 SA-5 (3) HIGH-LEVEL DESIGNno data
  💼 SA-5 (4) LOW-LEVEL DESIGNno data
  💼 SA-5 (5) SOURCE CODEno data
 💼 SA-6 SOFTWARE USAGE RESTRICTIONSno data
 💼 SA-7 USER-INSTALLED SOFTWAREno data
 💼 SA-8 SECURITY ENGINEERING PRINCIPLESno data
 💼 SA-9 EXTERNAL INFORMATION SYSTEM SERVICES5no data
  💼 SA-9 (1) RISK ASSESSMENTS _ ORGANIZATIONAL APPROVALSno data
  💼 SA-9 (2) IDENTIFICATION OF FUNCTIONS _ PORTS _ PROTOCOLS _ SERVICESno data
  💼 SA-9 (3) ESTABLISH _ MAINTAIN TRUST RELATIONSHIP WITH PROVIDERSno data
  💼 SA-9 (4) CONSISTENT INTERESTS OF CONSUMERS AND PROVIDERSno data
  💼 SA-9 (5) PROCESSING, STORAGE, AND SERVICE LOCATIONno data
 💼 SA-10 DEVELOPER CONFIGURATION MANAGEMENT6no data
  💼 SA-10 (1) SOFTWARE _ FIRMWARE INTEGRITY VERIFICATIONno data
  💼 SA-10 (2) ALTERNATIVE CONFIGURATION MANAGEMENT PROCESSESno data
  💼 SA-10 (3) HARDWARE INTEGRITY VERIFICATIONno data
  💼 SA-10 (4) TRUSTED GENERATIONno data
  💼 SA-10 (5) MAPPING INTEGRITY FOR VERSION CONTROLno data
  💼 SA-10 (6) TRUSTED DISTRIBUTIONno data
 💼 SA-11 DEVELOPER SECURITY TESTING AND EVALUATION8no data
  💼 SA-11 (1) STATIC CODE ANALYSISno data
  💼 SA-11 (2) THREAT AND VULNERABILITY ANALYSESno data
  💼 SA-11 (3) INDEPENDENT VERIFICATION OF ASSESSMENT PLANS _ EVIDENCEno data
  💼 SA-11 (4) MANUAL CODE REVIEWSno data
  💼 SA-11 (5) PENETRATION TESTINGno data
  💼 SA-11 (6) ATTACK SURFACE REVIEWSno data
  💼 SA-11 (7) VERIFY SCOPE OF TESTING _ EVALUATIONno data
  💼 SA-11 (8) DYNAMIC CODE ANALYSISno data
 💼 SA-12 SUPPLY CHAIN PROTECTION15no data
  💼 SA-12 (1) ACQUISITION STRATEGIES _ TOOLS _ METHODSno data
  💼 SA-12 (2) SUPPLIER REVIEWSno data
  💼 SA-12 (3) TRUSTED SHIPPING AND WAREHOUSINGno data
  💼 SA-12 (4) DIVERSITY OF SUPPLIERSno data
  💼 SA-12 (5) LIMITATION OF HARMno data
  💼 SA-12 (6) MINIMIZING PROCUREMENT TIMEno data
  💼 SA-12 (7) ASSESSMENTS PRIOR TO SELECTION _ ACCEPTANCE _ UPDATEno data
  💼 SA-12 (8) USE OF ALL-SOURCE INTELLIGENCEno data
  💼 SA-12 (9) OPERATIONS SECURITYno data
  💼 SA-12 (10) VALIDATE AS GENUINE AND NOT ALTEREDno data
  💼 SA-12 (11) PENETRATION TESTING _ ANALYSIS OF ELEMENTS, PROCESSES, AND ACTORSno data
  💼 SA-12 (12) INTER-ORGANIZATIONAL AGREEMENTSno data
  💼 SA-12 (13) CRITICAL INFORMATION SYSTEM COMPONENTSno data
  💼 SA-12 (14) IDENTITY AND TRACEABILITYno data
  💼 SA-12 (15) PROCESSES TO ADDRESS WEAKNESSES OR DEFICIENCIESno data
 💼 SA-13 TRUSTWORTHINESSno data
 💼 SA-14 CRITICALITY ANALYSIS1no data
  💼 SA-14 (1) CRITICAL COMPONENTS WITH NO VIABLE ALTERNATIVE SOURCINGno data
 💼 SA-15 DEVELOPMENT PROCESS, STANDARDS, AND TOOLS11no data
  💼 SA-15 (1) QUALITY METRICSno data
  💼 SA-15 (2) SECURITY TRACKING TOOLSno data
  💼 SA-15 (3) CRITICALITY ANALYSISno data
  💼 SA-15 (4) THREAT MODELING _ VULNERABILITY ANALYSISno data
  💼 SA-15 (5) ATTACK SURFACE REDUCTIONno data
  💼 SA-15 (6) CONTINUOUS IMPROVEMENTno data
  💼 SA-15 (7) AUTOMATED VULNERABILITY ANALYSISno data
  💼 SA-15 (8) REUSE OF THREAT _ VULNERABILITY INFORMATIONno data
  💼 SA-15 (9) USE OF LIVE DATAno data
  💼 SA-15 (10) INCIDENT RESPONSE PLANno data
  💼 SA-15 (11) ARCHIVE INFORMATION SYSTEM _ COMPONENTno data
 💼 SA-16 DEVELOPER-PROVIDED TRAININGno data
 💼 SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN7no data
  💼 SA-17 (1) FORMAL POLICY MODELno data
  💼 SA-17 (2) SECURITY-RELEVANT COMPONENTSno data
  💼 SA-17 (3) FORMAL CORRESPONDENCEno data
  💼 SA-17 (4) INFORMAL CORRESPONDENCEno data
  💼 SA-17 (5) CONCEPTUALLY SIMPLE DESIGNno data
  💼 SA-17 (6) STRUCTURE FOR TESTINGno data
  💼 SA-17 (7) STRUCTURE FOR LEAST PRIVILEGEno data
 💼 SA-18 TAMPER RESISTANCE AND DETECTION2no data
  💼 SA-18 (1) MULTIPLE PHASES OF SDLCno data
  💼 SA-18 (2) INSPECTION OF INFORMATION SYSTEMS, COMPONENTS, OR DEVICESno data
 💼 SA-19 COMPONENT AUTHENTICITY4no data
  💼 SA-19 (1) ANTI-COUNTERFEIT TRAININGno data
  💼 SA-19 (2) CONFIGURATION CONTROL FOR COMPONENT SERVICE _ REPAIRno data
  💼 SA-19 (3) COMPONENT DISPOSALno data
  💼 SA-19 (4) ANTI-COUNTERFEIT SCANNINGno data
 💼 SA-20 CUSTOMIZED DEVELOPMENT OF CRITICAL COMPONENTSno data
 💼 SA-21 DEVELOPER SCREENING1no data
  💼 SA-21 (1) VALIDATION OF SCREENINGno data
 💼 SA-22 UNSUPPORTED SYSTEM COMPONENTS1no data
  💼 SA-22 (1) ALTERNATIVE SOURCES FOR CONTINUED SUPPORTno data
💼 SC SYSTEM AND COMMUNICATIONS PROTECTION441643no data
 💼 SC-1 SYSTEM AND COMMUNICATIONS PROTECTION POLICY AND PROCEDURESno data
 💼 SC-2 APPLICATION PARTITIONING1no data
  💼 SC-2 (1) INTERFACES FOR NON-PRIVILEGED USERSno data
 💼 SC-3 SECURITY FUNCTION ISOLATION5no data
  💼 SC-3 (1) HARDWARE SEPARATIONno data
  💼 SC-3 (2) ACCESS _ FLOW CONTROL FUNCTIONSno data
  💼 SC-3 (3) MINIMIZE NONSECURITY FUNCTIONALITYno data
  💼 SC-3 (4) MODULE COUPLING AND COHESIVENESSno data
  💼 SC-3 (5) LAYERED STRUCTURESno data
 💼 SC-4 INFORMATION IN SHARED RESOURCES2no data
  💼 SC-4 (1) SECURITY LEVELSno data
  💼 SC-4 (2) PERIODS PROCESSINGno data
 💼 SC-5 DENIAL OF SERVICE PROTECTION3no data
  💼 SC-5 (1) RESTRICT INTERNAL USERSno data
  💼 SC-5 (2) EXCESS CAPACITY _ BANDWIDTH _ REDUNDANCYno data
  💼 SC-5 (3) DETECTION _ MONITORINGno data
 💼 SC-6 RESOURCE AVAILABILITYno data
 💼 SC-7 BOUNDARY PROTECTION23531no data
  💼 SC-7 (1) PHYSICALLY SEPARATED SUBNETWORKSno data
  💼 SC-7 (2) PUBLIC ACCESSno data
  💼 SC-7 (3) ACCESS POINTSno data
  💼 SC-7 (4) EXTERNAL TELECOMMUNICATIONS SERVICESno data
  💼 SC-7 (5) DENY BY DEFAULT _ ALLOW BY EXCEPTIONno data
  💼 SC-7 (6) RESPONSE TO RECOGNIZED FAILURESno data
  💼 SC-7 (7) PREVENT SPLIT TUNNELING FOR REMOTE DEVICESno data
  💼 SC-7 (8) ROUTE TRAFFIC TO AUTHENTICATED PROXY SERVERSno data
  💼 SC-7 (9) RESTRICT THREATENING OUTGOING COMMUNICATIONS TRAFFICno data
  💼 SC-7 (10) PREVENT UNAUTHORIZED EXFILTRATIONno data
  💼 SC-7 (11) RESTRICT INCOMING COMMUNICATIONS TRAFFICno data
  💼 SC-7 (12) HOST-BASED PROTECTIONno data
  💼 SC-7 (13) ISOLATION OF SECURITY TOOLS _ MECHANISMS _ SUPPORT COMPONENTSno data
  💼 SC-7 (14) PROTECTS AGAINST UNAUTHORIZED PHYSICAL CONNECTIONSno data
  💼 SC-7 (15) ROUTE PRIVILEGED NETWORK ACCESSESno data
  💼 SC-7 (16) PREVENT DISCOVERY OF COMPONENTS _ DEVICESno data
  💼 SC-7 (17) AUTOMATED ENFORCEMENT OF PROTOCOL FORMATSno data
  💼 SC-7 (18) FAIL SECUREno data
  💼 SC-7 (19) BLOCKS COMMUNICATION FROM NON-ORGANIZATIONALLY CONFIGURED HOSTSno data
  💼 SC-7 (20) DYNAMIC ISOLATION _ SEGREGATIONno data
  💼 SC-7 (21) ISOLATION OF INFORMATION SYSTEM COMPONENTSno data
  💼 SC-7 (22) SEPARATE SUBNETS FOR CONNECTING TO DIFFERENT SECURITY DOMAINSno data
  💼 SC-7 (23) DISABLE SENDER FEEDBACK ON PROTOCOL VALIDATION FAILUREno data
 💼 SC-8 TRANSMISSION CONFIDENTIALITY AND INTEGRITY422no data
  💼 SC-8 (1) CRYPTOGRAPHIC OR ALTERNATE PHYSICAL PROTECTIONno data
  💼 SC-8 (2) PRE _ POST TRANSMISSION HANDLINGno data
  💼 SC-8 (3) CRYPTOGRAPHIC PROTECTION FOR MESSAGE EXTERNALSno data
  💼 SC-8 (4) CONCEAL _ RANDOMIZE COMMUNICATIONSno data
 💼 SC-9 TRANSMISSION CONFIDENTIALITYno data
 💼 SC-10 NETWORK DISCONNECTno data
 💼 SC-11 TRUSTED PATH1no data
  💼 SC-11 (1) LOGICAL ISOLATIONno data
 💼 SC-12 CRYPTOGRAPHIC KEY ESTABLISHMENT AND MANAGEMENT545no data
  💼 SC-12 (1) AVAILABILITYno data
  💼 SC-12 (2) SYMMETRIC KEYS11no data
  💼 SC-12 (3) ASYMMETRIC KEYS11no data
  💼 SC-12 (4) PKI CERTIFICATESno data
  💼 SC-12 (5) PKI CERTIFICATES _ HARDWARE TOKENSno data
 💼 SC-13 CRYPTOGRAPHIC PROTECTION422no data
  💼 SC-13 (1) FIPS-VALIDATED CRYPTOGRAPHYno data
  💼 SC-13 (2) NSA-APPROVED CRYPTOGRAPHYno data
  💼 SC-13 (3) INDIVIDUALS WITHOUT FORMAL ACCESS APPROVALSno data
  💼 SC-13 (4) DIGITAL SIGNATURESno data
 💼 SC-14 PUBLIC ACCESS PROTECTIONSno data
 💼 SC-15 COLLABORATIVE COMPUTING DEVICES4no data
  💼 SC-15 (1) PHYSICAL DISCONNECTno data
  💼 SC-15 (2) BLOCKING INBOUND _ OUTBOUND COMMUNICATIONS TRAFFICno data
  💼 SC-15 (3) DISABLING _ REMOVAL IN SECURE WORK AREASno data
  💼 SC-15 (4) EXPLICITLY INDICATE CURRENT PARTICIPANTSno data
 💼 SC-16 TRANSMISSION OF SECURITY ATTRIBUTES1no data
  💼 SC-16 (1) INTEGRITY VALIDATIONno data
 💼 SC-17 PUBLIC KEY INFRASTRUCTURE CERTIFICATES22no data
 💼 SC-18 MOBILE CODE5no data
  💼 SC-18 (1) IDENTIFY UNACCEPTABLE CODE _ TAKE CORRECTIVE ACTIONSno data
  💼 SC-18 (2) ACQUISITION _ DEVELOPMENT _ USEno data
  💼 SC-18 (3) PREVENT DOWNLOADING _ EXECUTIONno data
  💼 SC-18 (4) PREVENT AUTOMATIC EXECUTIONno data
  💼 SC-18 (5) ALLOW EXECUTION ONLY IN CONFINED ENVIRONMENTSno data
 💼 SC-19 VOICE OVER INTERNET PROTOCOLno data
 💼 SC-20 SECURE NAME _ ADDRESS RESOLUTION SERVICE (AUTHORITATIVE SOURCE)2no data
  💼 SC-20 (1) CHILD SUBSPACESno data
  💼 SC-20 (2) DATA ORIGIN _ INTEGRITYno data
 💼 SC-21 SECURE NAME _ ADDRESS RESOLUTION SERVICE (RECURSIVE OR CACHING RESOLVER)1no data
  💼 SC-21 (1) DATA ORIGIN _ INTEGRITYno data
 💼 SC-22 ARCHITECTURE AND PROVISIONING FOR NAME _ ADDRESS RESOLUTION SERVICEno data
 💼 SC-23 SESSION AUTHENTICITY4no data
  💼 SC-23 (1) INVALIDATE SESSION IDENTIFIERS AT LOGOUTno data
  💼 SC-23 (2) USER-INITIATED LOGOUTS _ MESSAGE DISPLAYSno data
  💼 SC-23 (4) UNIQUE SESSION IDENTIFIERS WITH RANDOMIZATIONno data
  💼 SC-23 (5) ALLOWED CERTIFICATE AUTHORITIESno data
 💼 SC-24 FAIL IN KNOWN STATEno data
 💼 SC-25 THIN NODESno data
 💼 SC-26 HONEYPOTS1no data
  💼 SC-26 (1) DETECTION OF MALICIOUS CODEno data
 💼 SC-27 PLATFORM-INDEPENDENT APPLICATIONSno data
 💼 SC-28 PROTECTION OF INFORMATION AT REST233no data
  💼 SC-28 (1) CRYPTOGRAPHIC PROTECTIONno data
  💼 SC-28 (2) OFF-LINE STORAGEno data
 💼 SC-29 HETEROGENEITY1no data
  💼 SC-29 (1) VIRTUALIZATION TECHNIQUESno data
 💼 SC-30 CONCEALMENT AND MISDIRECTION5no data
  💼 SC-30 (1) VIRTUALIZATION TECHNIQUESno data
  💼 SC-30 (2) RANDOMNESSno data
  💼 SC-30 (3) CHANGE PROCESSING _ STORAGE LOCATIONSno data
  💼 SC-30 (4) MISLEADING INFORMATIONno data
  💼 SC-30 (5) CONCEALMENT OF SYSTEM COMPONENTSno data
 💼 SC-31 COVERT CHANNEL ANALYSIS3no data
  💼 SC-31 (1) TEST COVERT CHANNELS FOR EXPLOITABILITYno data
  💼 SC-31 (2) MAXIMUM BANDWIDTHno data
  💼 SC-31 (3) MEASURE BANDWIDTH IN OPERATIONAL ENVIRONMENTSno data
 💼 SC-32 INFORMATION SYSTEM PARTITIONINGno data
 💼 SC-33 TRANSMISSION PREPARATION INTEGRITYno data
 💼 SC-34 NON-MODIFIABLE EXECUTABLE PROGRAMS3no data
  💼 SC-34 (1) NO WRITABLE STORAGEno data
  💼 SC-34 (2) INTEGRITY PROTECTION _ READ-ONLY MEDIAno data
  💼 SC-34 (3) HARDWARE-BASED PROTECTIONno data
 💼 SC-35 HONEYCLIENTSno data
 💼 SC-36 DISTRIBUTED PROCESSING AND STORAGE1no data
  💼 SC-36 (1) POLLING TECHNIQUESno data
 💼 SC-37 OUT-OF-BAND CHANNELS1no data
  💼 SC-37 (1) ENSURE DELIVERY _ TRANSMISSIONno data
 💼 SC-38 OPERATIONS SECURITYno data
 💼 SC-39 PROCESS ISOLATION2no data
  💼 SC-39 (1) HARDWARE SEPARATIONno data
  💼 SC-39 (2) THREAD ISOLATIONno data
 💼 SC-40 WIRELESS LINK PROTECTION4no data
  💼 SC-40 (1) ELECTROMAGNETIC INTERFERENCEno data
  💼 SC-40 (2) REDUCE DETECTION POTENTIALno data
  💼 SC-40 (3) IMITATIVE OR MANIPULATIVE COMMUNICATIONS DECEPTIONno data
  💼 SC-40 (4) SIGNAL PARAMETER IDENTIFICATIONno data
 💼 SC-41 PORT AND I_O DEVICE ACCESSno data
 💼 SC-42 SENSOR CAPABILITY AND DATA3no data
  💼 SC-42 (1) REPORTING TO AUTHORIZED INDIVIDUALS OR ROLESno data
  💼 SC-42 (2) AUTHORIZED USEno data
  💼 SC-42 (3) PROHIBIT USE OF DEVICESno data
 💼 SC-43 USAGE RESTRICTIONSno data
 💼 SC-44 DETONATION CHAMBERSno data
💼 SI SYSTEM AND INFORMATION INTEGRITY1723no data
 💼 SI-1 SYSTEM AND INFORMATION INTEGRITY POLICY AND PROCEDURESno data
 💼 SI-2 FLAW REMEDIATION622no data
  💼 SI-2 (1) CENTRAL MANAGEMENTno data
  💼 SI-2 (2) AUTOMATED FLAW REMEDIATION STATUSno data
  💼 SI-2 (3) TIME TO REMEDIATE FLAWS _ BENCHMARKS FOR CORRECTIVE ACTIONSno data
  💼 SI-2 (4) AUTOMATED PATCH MANAGEMENT TOOLSno data
  💼 SI-2 (5) AUTOMATIC SOFTWARE _ FIRMWARE UPDATESno data
  💼 SI-2 (6) REMOVAL OF PREVIOUS VERSIONS OF SOFTWARE _ FIRMWAREno data
 💼 SI-3 MALICIOUS CODE PROTECTION10no data
  💼 SI-3 (1) CENTRAL MANAGEMENTno data
  💼 SI-3 (2) AUTOMATIC UPDATESno data
  💼 SI-3 (3) NON-PRIVILEGED USERSno data
  💼 SI-3 (4) UPDATES ONLY BY PRIVILEGED USERSno data
  💼 SI-3 (5) PORTABLE STORAGE DEVICESno data
  💼 SI-3 (6) TESTING _ VERIFICATIONno data
  💼 SI-3 (7) NONSIGNATURE-BASED DETECTIONno data
  💼 SI-3 (8) DETECT UNAUTHORIZED COMMANDSno data
  💼 SI-3 (9) AUTHENTICATE REMOTE COMMANDSno data
  💼 SI-3 (10) MALICIOUS CODE ANALYSISno data
 💼 SI-4 INFORMATION SYSTEM MONITORING241no data
  💼 SI-4 (1) SYSTEM-WIDE INTRUSION DETECTION SYSTEMno data
  💼 SI-4 (2) AUTOMATED TOOLS FOR REAL-TIME ANALYSISno data
  💼 SI-4 (3) AUTOMATED TOOL INTEGRATIONno data
  💼 SI-4 (4) INBOUND AND OUTBOUND COMMUNICATIONS TRAFFICno data
  💼 SI-4 (5) SYSTEM-GENERATED ALERTSno data
  💼 SI-4 (6) RESTRICT NON-PRIVILEGED USERSno data
  💼 SI-4 (7) AUTOMATED RESPONSE TO SUSPICIOUS EVENTSno data
  💼 SI-4 (8) PROTECTION OF MONITORING INFORMATIONno data
  💼 SI-4 (9) TESTING OF MONITORING TOOLSno data
  💼 SI-4 (10) VISIBILITY OF ENCRYPTED COMMUNICATIONSno data
  💼 SI-4 (11) ANALYZE COMMUNICATIONS TRAFFIC ANOMALIESno data
  💼 SI-4 (12) AUTOMATED ALERTSno data
  💼 SI-4 (13) ANALYZE TRAFFIC _ EVENT PATTERNSno data
  💼 SI-4 (14) WIRELESS INTRUSION DETECTIONno data
  💼 SI-4 (15) WIRELESS TO WIRELINE COMMUNICATIONSno data
  💼 SI-4 (16) CORRELATE MONITORING INFORMATIONno data
  💼 SI-4 (17) INTEGRATED SITUATIONAL AWARENESSno data
  💼 SI-4 (18) ANALYZE TRAFFIC _ COVERT EXFILTRATIONno data
  💼 SI-4 (19) INDIVIDUALS POSING GREATER RISKno data
  💼 SI-4 (20) PRIVILEGED USERSno data
  💼 SI-4 (21) PROBATIONARY PERIODSno data
  💼 SI-4 (22) UNAUTHORIZED NETWORK SERVICESno data
  💼 SI-4 (23) HOST-BASED DEVICESno data
  💼 SI-4 (24) INDICATORS OF COMPROMISEno data
 💼 SI-5 SECURITY ALERTS, ADVISORIES, AND DIRECTIVES1no data
  💼 SI-5 (1) AUTOMATED ALERTS AND ADVISORIESno data
 💼 SI-6 SECURITY FUNCTION VERIFICATION3no data
  💼 SI-6 (1) NOTIFICATION OF FAILED SECURITY TESTSno data
  💼 SI-6 (2) AUTOMATION SUPPORT FOR DISTRIBUTED TESTINGno data
  💼 SI-6 (3) REPORT VERIFICATION RESULTSno data
 💼 SI-7 SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY16no data
  💼 SI-7 (1) INTEGRITY CHECKSno data
  💼 SI-7 (2) AUTOMATED NOTIFICATIONS OF INTEGRITY VIOLATIONSno data
  💼 SI-7 (3) CENTRALLY-MANAGED INTEGRITY TOOLSno data
  💼 SI-7 (4) TAMPER-EVIDENT PACKAGINGno data
  💼 SI-7 (5) AUTOMATED RESPONSE TO INTEGRITY VIOLATIONSno data
  💼 SI-7 (6) CRYPTOGRAPHIC PROTECTIONno data
  💼 SI-7 (7) INTEGRATION OF DETECTION AND RESPONSEno data
  💼 SI-7 (8) AUDITING CAPABILITY FOR SIGNIFICANT EVENTSno data
  💼 SI-7 (9) VERIFY BOOT PROCESSno data
  💼 SI-7 (10) PROTECTION OF BOOT FIRMWAREno data
  💼 SI-7 (11) CONFINED ENVIRONMENTS WITH LIMITED PRIVILEGESno data
  💼 SI-7 (12) INTEGRITY VERIFICATIONno data
  💼 SI-7 (13) CODE EXECUTION IN PROTECTED ENVIRONMENTSno data
  💼 SI-7 (14) BINARY OR MACHINE EXECUTABLE CODEno data
  💼 SI-7 (15) CODE AUTHENTICATIONno data
  💼 SI-7 (16) TIME LIMIT ON PROCESS EXECUTION W_O SUPERVISIONno data
 💼 SI-8 SPAM PROTECTION3no data
  💼 SI-8 (1) CENTRAL MANAGEMENTno data
  💼 SI-8 (2) AUTOMATIC UPDATESno data
  💼 SI-8 (3) CONTINUOUS LEARNING CAPABILITYno data
 💼 SI-9 INFORMATION INPUT RESTRICTIONSno data
 💼 SI-10 INFORMATION INPUT VALIDATION5no data
  💼 SI-10 (1) MANUAL OVERRIDE CAPABILITYno data
  💼 SI-10 (2) REVIEW _ RESOLUTION OF ERRORSno data
  💼 SI-10 (3) PREDICTABLE BEHAVIORno data
  💼 SI-10 (4) REVIEW _ TIMING INTERACTIONSno data
  💼 SI-10 (5) RESTRICT INPUTS TO TRUSTED SOURCES AND APPROVED FORMATSno data
 💼 SI-11 ERROR HANDLINGno data
 💼 SI-12 INFORMATION HANDLING AND RETENTIONno data
 💼 SI-13 PREDICTABLE FAILURE PREVENTION5no data
  💼 SI-13 (1) TRANSFERRING COMPONENT RESPONSIBILITIESno data
  💼 SI-13 (2) TIME LIMIT ON PROCESS EXECUTION WITHOUT SUPERVISIONno data
  💼 SI-13 (3) MANUAL TRANSFER BETWEEN COMPONENTSno data
  💼 SI-13 (4) STANDBY COMPONENT INSTALLATION _ NOTIFICATIONno data
  💼 SI-13 (5) FAILOVER CAPABILITYno data
 💼 SI-14 NON-PERSISTENCE1no data
  💼 SI-14 (1) REFRESH FROM TRUSTED SOURCESno data
 💼 SI-15 INFORMATION OUTPUT FILTERINGno data
 💼 SI-16 MEMORY PROTECTIONno data
 💼 SI-17 FAIL-SAFE PROCEDURESno data