Score of Applied Controls: 9 out of 228
Count of Applied Controls: 153 out of 228
Risk Assessment [based on applied Controls]: 33 out of 100
228 Controls
Access Agreements
0 / 1 Answered
Access Control Decisions
0 / 1 Answered
Access Control for Mobile Devices
0 / 1 Answered
Access Control Policy and Procedures
0 / 1 Answered
Access Enforcement
0 / 3 Answered
Access Restrictions for Change
0 / 5 Answered
Account Management
0 / 1 Answered
Acquisition Process
0 / 3 Answered
Allocation of Resources
0 / 1 Answered
Alternate Processing Site
0 / 1 Answered
Alternate Storage Site
0 / 2 Answered
Alternate Work Site
0 / 1 Answered
Asset Monitoring and Tracking
0 / 1 Answered
Audit and Accountability Policy and Procedures
0 / 1 Answered
Audit Events
0 / 1 Answered
Audit Generation
0 / 1 Answered
Audit Review, Analysis, and Reporting
0 / 2 Answered
Auditing Roles Responsible For Provenance
0 / 1 Answered
Authenticator Management
0 / 3 Answered
Baseline Configuration
0 / 3 Answered
Boundary Protection
0 / 3 Answered
Component Authenticity
0 / 5 Answered
Concealment and Misdirection
0 / 5 Answered
Configuration Change Control
0 / 1 Answered
Configuration Management Plan
0 / 2 Answered
Configuration Management Policy and Procedures
0 / 1 Answered
Configuration Settings
0 / 3 Answered
Contingency Plan
0 / 4 Answered
Contingency Planning Policy and Procedures
0 / 1 Answered
Continuous Monitoring
0 / 2 Answered
Controlled Maintenance
0 / 1 Answered
Criticality Analysis
0 / 1 Answered
Cross-Organizational Auditing
0 / 2 Answered
Customized Development of Critical Components
0 / 1 Answered
Delivery and Removal
0 / 1 Answered
Denial of Service Protection
0 / 2 Answered
Developer Configuration Management
0 / 1 Answered
Developer Screening
0 / 2 Answered
Developer Security Architecture and Design
0 / 1 Answered
Developer Security Testing and Evaluation
0 / 1 Answered
Developer-Provided Training
0 / 1 Answered
Development Process, Standards, and Tools
0 / 4 Answered
Distributed Processing and Storage
0 / 1 Answered
External Information System Services
0 / 4 Answered
Flaw Remediation
0 / 2 Answered
Heterogeneity
0 / 1 Answered
Identification and Authentication (Non-Organizational Users)
0 / 1 Answered
Identification and Authentication (Organizational Users)
0 / 1 Answered
Identification and Authentication Policy and Procedures
0 / 1 Answered
Identifier Management
0 / 2 Answered
Incident Handling
0 / 3 Answered
Incident Reporting
0 / 1 Answered
Incident Response Policy and Procedures
0 / 1 Answered
Information Flow Enforcement
0 / 5 Answered
Information Handling and Retention
0 / 1 Answered
Information In Shared Resources
0 / 1 Answered
Information Security Architecture
0 / 2 Answered
Information Security Program Plan
0 / 1 Answered
Information Security Resources
0 / 1 Answered
Information Sharing
0 / 1 Answered
Information Spillage Response
0 / 1 Answered
Information System Component Inventory
0 / 8 Answered
Information System Documentation
0 / 1 Answered
Information System Monitoring
0 / 3 Answered
Insider Threat Program
0 / 1 Answered
Least Functionality
0 / 3 Answered
Least Privilege
0 / 1 Answered
Location of Information System Components
0 / 1 Answered
Maintenance Monitoring And Information Sharing
0 / 1 Answered
Maintenance Personnel
0 / 1 Answered
Maintenance Tools
0 / 4 Answered
Media Protection Policy and Procedures
0 / 1 Answered
Media Sanitization
0 / 1 Answered
Media Transport
0 / 1 Answered
Mission/Business Process Definition
0 / 1 Answered
Mobile Code
0 / 2 Answered
Monitoring for Information Disclosure
0 / 1 Answered
Monitoring Physical Access
0 / 1 Answered
Non-local Maintenance
0 / 3 Answered
Non-Repudiation
0 / 4 Answered
Operations Security
0 / 1 Answered
Out-of-Band Channels
0 / 2 Answered
Personnel Security Policy and Procedures
0 / 1 Answered
Physical Access Control
0 / 2 Answered
Physical and Environmental Protection Policy and Procedures
0 / 1 Answered
Plan of Action and Milestones
0 / 1 Answered
Platform-Independent Applications
0 / 1 Answered
Protection of Information at Rest
0 / 1 Answered
Provenance Policy And Procedures
0 / 1 Answered
Publicly Accessible Content
0 / 1 Answered
Remote Access
0 / 2 Answered
Risk Assessment
0 / 1 Answered
Risk Assessment Policy and Procedures
0 / 1 Answered
Role-Based Security Training
0 / 1 Answered
Security Alerts, Advisories, and Directives
0 / 1 Answered
Security Assessment and Authorization Policy and Procedures
0 / 1 Answered
Security Assessments
0 / 3 Answered
Security Authorization
0 / 1 Answered
Security Awareness and Training Policy and Procedures
0 / 1 Answered
Security Categorization
0 / 1 Answered
Security Engineering Principles
0 / 1 Answered
Security Impact Analysis
0 / 1 Answered
Security Planning Policy and Procedures
0 / 1 Answered
Senior Information Security Officer
0 / 1 Answered
Separation of Duties
0 / 1 Answered
Software Usage Restrictions
0 / 2 Answered
Software, Firmware and Information Integrity
0 / 3 Answered
Supply Chain Protection
0 / 13 Answered
System and Communications Protection Policy and Procedures
0 / 1 Answered
System and Information Integrity Policy and Procedures
0 / 1 Answered
System and Services Acquisition Policy and Procedures
0 / 1 Answered
System Development Life Cycle
0 / 1 Answered
System Interconnections
0 / 4 Answered
System Maintenance Policy and Procedures
0 / 1 Answered
System Security Plan
0 / 2 Answered
Tamper Resistance and Detection
0 / 4 Answered
Telecommunications Services
0 / 3 Answered
Third-Party Personnel Security
0 / 1 Answered
Threat Awareness Program
0 / 1 Answered
Timely Maintenance
0 / 1 Answered
Tracking Provenance And Developing A Baseline
0 / 1 Answered
Transmission Confidentiality and Integrity
0 / 1 Answered
Trustworthiness
0 / 1 Answered
Unsupported System Components
0 / 2 Answered
Use of External Information Systems
0 / 3 Answered
User-Installed Software
0 / 1 Answered
Wireless Access
0 / 1 Answered