| 💼 CA-1 Policy and Procedures | | | | | no data |
| 💼 CA-2 Control Assessments | 3 | | | | no data |
|  💼 CA-2(1) Control Assessments _ Independent Assessors | | | | | no data |
|  💼 CA-2(2) Control Assessments _ Specialized Assessments | | | | | no data |
|  💼 CA-2(3) Control Assessments _ Leveraging Results from External Organizations | | | | | no data |
| 💼 CA-3 Information Exchange | 7 | | | | no data |
|  💼 CA-3(1) Information Exchange _ Unclassified National Security System Connections | | | | | no data |
|  💼 CA-3(2) Information Exchange _ Classified National Security System Connections | | | | | no data |
|  💼 CA-3(3) Information Exchange _ Unclassified Non-national Security System Connections | | | | | no data |
|  💼 CA-3(4) Information Exchange _ Connections to Public Networks | | | | | no data |
|  💼 CA-3(5) Information Exchange _ Restrictions on External System Connections | | | | | no data |
|  💼 CA-3(6) Information Exchange _ Transfer Authorizations | | | | | no data |
|  💼 CA-3(7) Information Exchange _ Transitive Information Exchanges | | | | | no data |
| 💼 CA-4 Security Certification | | | | | no data |
| 💼 CA-5 Plan of Action and Milestones | 1 | | | | no data |
|  💼 CA-5(1) Plan of Action and Milestones _ Automation Support for Accuracy and Currency | | | | | no data |
| 💼 CA-6 Authorization | 2 | | | | no data |
|  💼 CA-6(1) Authorization _ Joint Authorization — Intra-organization | | | | | no data |
|  💼 CA-6(2) Authorization _ Joint Authorization — Inter-organization | | | | | no data |
| 💼 CA-7 Continuous Monitoring | 6 | | 12 | | no data |
|  💼 CA-7(1) Continuous Monitoring _ Independent Assessment | | | | | no data |
|  💼 CA-7(2) Continuous Monitoring _ Types of Assessments | | | | | no data |
|  💼 CA-7(3) Continuous Monitoring _ Trend Analyses | | | | | no data |
|  💼 CA-7(4) Continuous Monitoring _ Risk Monitoring | | | | | no data |
|  💼 CA-7(5) Continuous Monitoring _ Consistency Analysis | | | | | no data |
|  💼 CA-7(6) Continuous Monitoring _ Automation Support for Monitoring | | | | | no data |
| 💼 CA-8 Penetration Testing | 3 | | | | no data |
|  💼 CA-8(1) Penetration Testing _ Independent Penetration Testing Agent or Team | | | | | no data |
|  💼 CA-8(2) Penetration Testing _ Red Team Exercises | | | | | no data |
|  💼 CA-8(3) Penetration Testing _ Facility Penetration Testing | | | | | no data |
| 💼 CA-9 Internal System Connections | 1 | | 24 | | no data |
|  💼 CA-9(1) Internal System Connections _ Compliance Checks | | | 23 | | no data |