Showing 5 random demo records from library
NIST Control (1,213)
# | Name | Description |
---|---|---|
1 | NIST-SP_800-53r5_IA-2(12): Identification and Authentication (Organizational Users) \| Acceptance of PIV Credentials | Control: PIV Credential Acceptance and Verification Control Objective: To ensure that only verified Personal Identity Verification credentials grant access to organizational resources. Description: Implement a system to accept and electronically verify PIV-compliant credentials to ensure the identity of users accessing sensitive information and systems. Control Owners: Security Officer (Information Security Department) Control Impacts: *Enhanced Access Security* By verifying PIV-complia ... |
2 | NIST-PF-1.0_CT.PO-P4: Data Lifecycle Management Alignment | Control: NIST-PF-1.0_CT.PO-P4: Data Lifecycle Management Alignment Control Objective: Ensure the integration of data lifecycle management with system development processes. Description: Establish and maintain a framework that aligns the data lifecycle management with the system development lifecycle to enhance data governance and security throughout all phases. Control Owners: Data Governance Officer (Data Management Department) Control Impacts: *Improved Data Governance* Strengthens th ... |
3 | NIST-SP_800-53r5_CA-9(1): Internal System Connections \| Compliance Checks | Control: Internal Connection Compliance Verification Control Objective: To ensure all internal system connections meet security and privacy compliance requirements. Description: This control mandates the performance of security and privacy compliance checks on system components before establishing internal connections, ensuring adherence to baseline configurations. Control Owners: Chief Security Officer (Security Department) Control Impacts: *Risk Mitigation* By verifying compliance, th ... |
4 | NIST-SP_800-53r5_SC-7(8): Boundary Protection \| Route Traffic to Authenticated Proxy Servers | Control: Traffic Routing to Authenticated Proxies Control Objective: To ensure that internal communications traffic is securely routed through authenticated proxy servers. Description: This control mandates the routing of internal communications traffic to designated external networks exclusively through authenticated proxy servers, creating a secure buffer against unauthorized access. Control Owners: Network Security Manager (IT Security Department) Control Impacts: *Enhanced Security* ... |
5 | NIST-SP_800-53r5_AC-25: Reference Monitor | Control: Reference Validation Mechanism Control Objective: To enforce an organization-defined access control policy effectively and securely. Description: Implement a reference validation mechanism that is tamper-proof, consistently invoked, and suitable for analysis to ensure compliance with access control policies. Control Owners: Chief Information Officer (Information Technology Department) Control Impacts: *Enhanced Security* Protects system integrity by enforcing access restriction ... |