Control Standards Catalog

Security and privacy control standards described in this control standards catalog have a well-defined organization and structure. For ease of use in the security and privacy control selection and specification process, controls are organized into families (listed below and in the navigation menu to the left). Each family contains controls that are related to the specific topic of the family. A two-character identifier uniquely identifies each control family (e.g., PS for Personnel Security). Security and privacy controls may involve aspects of policy, oversight, supervision, manual processes, and automated mechanisms that are implemented by systems or actions by individuals.

Control Families

AC - Access Control

AT - Awareness and Training

AU - Audit and Accountability

CA - Assessment, Authorization, and Monitoring

CM - Configuration Management

CP - Contingency Planning

IA - Identification and Authentication

IR - Incident Response

MA - Maintenance

MP - Media Protection

PE - Physical and Environmental Protection

PL - Planning

PM - Program Management

PS - Personnel Security

PT - Personally Identifiable Information Processing and Transparency

RA - Risk Assessment

SA - System and Services Acquisition

SC - System and Communications Protection

SI - System and Information Integrity

SR - Supply Chain Risk Management

results matching ""

    No results matching ""