Score of Applied Controls: 15 out of 377
Count of Applied Controls: 253 out of 377
Risk Assessment [based on applied Controls]: 33 out of 100
377 Controls
Access Agreements
0 / 2 Answered
Access Control for Mobile Devices
0 / 3 Answered
Access Control for Output Devices
0 / 2 Answered
Access Control for Transmission Medium
0 / 1 Answered
Access Control Policy and Procedures
0 / 1 Answered
Access Enforcement
0 / 2 Answered
Access Records
0 / 2 Answered
Access Restrictions for Change
0 / 3 Answered
Account Management
0 / 4 Answered
Acquisitions
0 / 3 Answered
Allocation of Resources
0 / 1 Answered
Alternate Processing Site
0 / 3 Answered
Alternate Storage Site
0 / 2 Answered
Alternate Work Site
0 / 1 Answered
Application Partitioning
0 / 2 Answered
Architecture and Provisioning for Name/Address Resolution Service
0 / 1 Answered
Audit and Accountability Policy and Procedures
0 / 1 Answered
Audit Generation
0 / 5 Answered
Audit Record Retention
0 / 2 Answered
Audit Reduction and Report Generation
0 / 2 Answered
Audit Review, Analysis, and Reporting
0 / 4 Answered
Audit Storage Capacity
0 / 1 Answered
Auditable Events
0 / 2 Answered
Authenticator Feedback
0 / 1 Answered
Authenticator Management
0 / 3 Answered
Baseline Configuration
0 / 4 Answered
Boundary Protection
0 / 4 Answered
Collaborative Computing Devices
0 / 2 Answered
Concurrent Session Control
0 / 1 Answered
Configuration Change Control
0 / 3 Answered
Configuration Management Plan
0 / 2 Answered
Configuration Management Policy and Procedures
0 / 1 Answered
Configuration Settings
0 / 2 Answered
Contacts with Security Groups and Associations
0 / 1 Answered
Content of Audit Records
0 / 3 Answered
Contingency Plan
0 / 4 Answered
Contingency Plan Testing and Exercises
0 / 4 Answered
Contingency Planning Policy and Procedures
0 / 1 Answered
Contingency Training
0 / 3 Answered
Continuous Monitoring
0 / 3 Answered
Controlled Maintenance
0 / 2 Answered
Critical Infrastructure Plan
0 / 1 Answered
Cryptographic Key Establishment and Management
0 / 3 Answered
Cryptographic Module Authentication
0 / 1 Answered
Delivery and Removal
0 / 1 Answered
Denial of Service Protection
0 / 2 Answered
Developer Configuration Management
0 / 2 Answered
Developer Security Architecture and Design
0 / 2 Answered
Developer Security Testing
0 / 2 Answered
Developer-Provided Training
0 / 1 Answered
Development Process, Standards, and Tools
0 / 2 Answered
Device Identification and Authentication
0 / 3 Answered
Emergency Lighting
0 / 2 Answered
Emergency Power
0 / 2 Answered
Emergency Shutoff
0 / 1 Answered
Enterprise Architecture
0 / 1 Answered
Error Handling
0 / 1 Answered
External Information System Services
0 / 3 Answered
Fail in Known State
0 / 1 Answered
Fail-Safe Procedures
0 / 1 Answered
Fire Protection
0 / 4 Answered
Flaw Remediation
0 / 4 Answered
Identification and Authentication (Non-Organizational Users)
0 / 2 Answered
Identification and Authentication (Organizational Users)
0 / 4 Answered
Identification and Authentication Policy and Procedures
0 / 1 Answered
Identifier Management
0 / 2 Answered
Incident Handling
0 / 4 Answered
Incident Monitoring
0 / 2 Answered
Incident Reporting
0 / 3 Answered
Incident Response Assistance
0 / 3 Answered
Incident Response Plan
0 / 1 Answered
Incident Response Policy and Procedures
0 / 1 Answered
Incident Response Testing and Exercises
0 / 2 Answered
Incident Response Training
0 / 2 Answered
Information Flow Enforcement
0 / 2 Answered
Information in Shared Resources
0 / 2 Answered
Information Input Validation
0 / 2 Answered
Information Output Handling and Retention
0 / 1 Answered
Information Security Architecture
0 / 2 Answered
Information Security Measures of Performance
0 / 1 Answered
Information Security Program Plan
0 / 1 Answered
Information Security Resources
0 / 1 Answered
Information Security Workforce
0 / 1 Answered
Information System Backup
0 / 4 Answered
Information System Component Inventory
0 / 4 Answered
Information System Connections
0 / 3 Answered
Information System Documentation
0 / 1 Answered
Information System Inventory
0 / 1 Answered
Information System Monitoring
0 / 3 Answered
Information System Recovery and Reconstitution
0 / 4 Answered
Insider Threat Program
0 / 1 Answered
Internal System Connections
0 / 2 Answered
Least Functionality
0 / 3 Answered
Least Privilege
0 / 3 Answered
Life Cycle Support
0 / 1 Answered
Location of Information System Components
0 / 2 Answered
Maintenance Personnel
0 / 3 Answered
Maintenance Tools
0 / 3 Answered
Malicious Code Protection
0 / 3 Answered
Media Access
0 / 1 Answered
Media Marking
0 / 1 Answered
Media Protection Policy and Procedures
0 / 1 Answered
Media Sanitization
0 / 3 Answered
Media Storage
0 / 2 Answered
Media Transport
0 / 3 Answered
Media Use
0 / 3 Answered
Memory Protection
0 / 1 Answered
Mission/Business Process Definition
0 / 1 Answered
Mobile Code
0 / 2 Answered
Monitoring Physical Access
0 / 3 Answered
Network Disconnect
0 / 1 Answered
Non-Local Maintenance
0 / 4 Answered
Non-repudiation
0 / 2 Answered
Penetration
0 / 2 Answered
Permitted Actions without Identification or Authentication
0 / 1 Answered
Personnel Sanctions
0 / 1 Answered
Personnel Screening
0 / 2 Answered
Personnel Security Policy and Procedures
0 / 1 Answered
Personnel Termination
0 / 3 Answered
Personnel Transfer
0 / 1 Answered
Physical Access Authorizations
0 / 2 Answered
Physical Access Control
0 / 3 Answered
Physical and Environmental Protection Policy and Procedures
0 / 1 Answered
Plan of Action and Milestones
0 / 2 Answered
Plan of Action and Milestones Process
0 / 1 Answered
Port and I/O Device Access
0 / 1 Answered
Position Categorization
0 / 1 Answered
Power Equipment and Power Cabling
0 / 2 Answered
Predictable Failure Prevention
0 / 1 Answered
Prev Logon Notification
0 / 1 Answered
Process Isolation
0 / 2 Answered
Protection of Audit Information
0 / 4 Answered
Protection of Information at Rest
0 / 2 Answered
Public Key Infrastructure Certificates
0 / 1 Answered
Publicly Accessible Content
0 / 1 Answered
Remote Access
0 / 3 Answered
Response to Audit Processing Failures
0 / 3 Answered
Risk Assessment
0 / 1 Answered
Risk Assessment Policy and Procedures
0 / 1 Answered
Risk Management Strategy
0 / 1 Answered
Rules of Behavior
0 / 2 Answered
Safe Mode
0 / 1 Answered
Secure Name/Address Resolution Service (Authoritative Source)
0 / 2 Answered
Secure Name/Address Resolution Service (Recursive or Caching Resolver)
0 / 1 Answered
Security Alerts, Advisories, and Directives
0 / 2 Answered
Security Assessment and Authorization Policies and Procedures
0 / 1 Answered
Security Assessments
0 / 4 Answered
Security Authorization
0 / 1 Answered
Security Authorization Process
0 / 1 Answered
Security Awareness
0 / 3 Answered
Security Awareness and Training Policy and Procedures
0 / 1 Answered
Security Categorization
0 / 1 Answered
Security Concept Of Operations
0 / 1 Answered
Security Engineering Principles
0 / 1 Answered
Security Function Isolation
0 / 2 Answered
Security Functionality Verification
0 / 2 Answered
Security Impact Analysis
0 / 3 Answered
Security Planning Policy and Procedures
0 / 1 Answered
Security Training
0 / 2 Answered
Security Training Records
0 / 1 Answered
Senior Information Security Officer
0 / 1 Answered
Separation of Duties
0 / 1 Answered
Session Authenticity
0 / 2 Answered
Session Lock P3 Not Selected
0 / 1 Answered
Software and Information Integrity
0 / 3 Answered
Software Usage Restrictions
0 / 2 Answered
Spam Protection
0 / 2 Answered
Supply Chain Protection
0 / 2 Answered
System and Communications Protection Policy and Procedures
0 / 1 Answered
System and Information Integrity Policy and Procedures
0 / 1 Answered
System and Services Acquisition Policy and Procedures
0 / 1 Answered
System Maintenance Policy and Procedures
0 / 1 Answered
System Security Plan
0 / 1 Answered
System Use Notification
0 / 1 Answered
Telecommunications Services
0 / 3 Answered
Temperature and Humidity Controls
0 / 2 Answered
Testing, Training, and Monitoring
0 / 1 Answered
Third-Party Personnel Security
0 / 1 Answered
Threat Awareness Program
0 / 1 Answered
Time Stamps
0 / 3 Answered
Timely Maintenance
0 / 2 Answered
Transmission Integrity
0 / 2 Answered
Unsuccessful Login Attempts
0 / 2 Answered
Use of Cryptography
0 / 1 Answered
Use of External Information Systems
0 / 3 Answered
User-Based Collaboration and Information Sharing
0 / 2 Answered
User-Installed Software
0 / 2 Answered
Voice Over Internet Protocol
0 / 1 Answered
Vulnerability Scanning
0 / 4 Answered
Water Damage Protection
0 / 2 Answered
Wireless Access
0 / 4 Answered