home || catalog: SP800-53rev3 / class: Operational ||
search controls:
search nistpubs:

(AT) Awareness and Training
(AT-01) Security Awareness and Training Policy and Procedures
(AT-02) Security Awareness
(AT-03) Security Training
(AT-04) Security Training Records
(AT-05) Contacts with Security Groups and Associations
(AT-06) Assessor Training

(CM) Configuration Management
(CM-01) Configuration Management Policy and Procedures
(CM-02) Baseline Configuration
(CM-03) Configuration Change Control
(CM-04) Security Impact Analysis
(CM-05) Access Restrictions for Change
(CM-06) Configuration Settings
(CM-07) Least Functionality
(CM-08) Information System Component Inventory
(CM-09) Configuration Management Plan

(CP) Contingency Planning
(CP-01) Contingency Planning Policy and Procedures
(CP-02) Contingency Plan
(CP-03) Contingency Training
(CP-04) Contingency Plan Testing and Exercises
(CP-05) Contingency Plan Update
(CP-06) Alternate Storage Site
(CP-07) Alternate Processing Site
(CP-08) Telecommunications Services
(CP-09) Information System Backup
(CP-10) Information System Recovery and Reconstitution

(IR) Incident Response
(IR-01) Incident Response Policy and Procedures
(IR-02) Incident Response Training
(IR-03) Incident Response Testing and Exercises
(IR-04) Incident Handling
(IR-05) Incident Monitoring
(IR-06) Incident Reporting
(IR-07) Incident Response Assistance
(IR-08) Incident Response Plan

(MA) Maintenance
(MA-01) System Maintenance Policy and Procedures
(MA-02) Controlled Maintenance
(MA-03) Maintenance Tools
(MA-04) Non-local Maintenance
(MA-05) Maintenance Personnel
(MA-06) Timely Maintenance

(MP) Media Protection
(MP-01) Media Protection Policy and Procedures
(MP-02) Media Access
(MP-03) Media Marking
(MP-04) Media Storage
(MP-05) Media Transport
(MP-06) Media Sanitization

(PE) Physical and Environmental Protection
(PE-01) Physical and Environmental Protection Policy and Procedures
(PE-02) Physical Access Authorizations
(PE-03) Physical Access Control
(PE-04) Access Control for Transmission Medium
(PE-05) Access Control for Output Devices
(PE-06) Monitoring Physical Access
(PE-07) Visitor Control
(PE-08) Access Records
(PE-09) Power Equipment and Power Cabling
(PE-10) Emergency Shutoff
(PE-11) Emergency Power
(PE-12) Emergency Lighting
(PE-13) Fire Protection
(PE-14) Temperature and Humidity Controls
(PE-15) Water Damage Protection
(PE-16) Delivery and Removal
(PE-17) Alternate Work Site
(PE-18) Location of Information System Components
(PE-19) Information Leakage
(PE-20) Physical Security

(PS) Personnel Security
(PS-01) Personnel Security Policy and Procedures
(PS-02) Position Categorization
(PS-03) Personnel Screening
(PS-04) Personnel Termination
(PS-05) Personnel Transfer
(PS-06) Access Agreements
(PS-07) Third-Party Personnel Security
(PS-08) Personnel Sanctions

(SI) System and Information Integrity
(SI-01) System and Information Integrity Policy and Procedures
(SI-02) Flaw Remediation
(SI-03) Malicious Code Protection
(SI-04) Information System Monitoring
(SI-05) Security Alerts, Advisories and Directives
(SI-06) Security Functionality Verification
(SI-07) Software and Information Integrity
(SI-08) Spam Protection
(SI-09) Information Input Restrictions
(SI-10) Information Input Validitation
(SI-11) Error Handling
(SI-12) Information Output Handling and Retention
(SI-13) Predictable Failure Prevention