Introduction - Homeland Security | Home



Test_2015-01-15-1052[project acronym not provided][Enter system number]Requirements Traceability Matrix(RTM)Prepared forDepartment of Homeland Security16 January 2015IntroductionThe Requirements Traceability Matrix (RTM) relates requirements from requirement source documents to the security certification process. It ensures that all security requirements are identified and investigated. Each row of the matrix identifies a specific requirement and provides the details of how it was tested or analyzed and the results.The table is arranged to display the system security requirements from the applicable regulation documents, which are listed below:NIST 800-53 w/ DHS 4300A - Department of Homeland Security Sensitive Systems Policy Directive 4300A Version 10The columns of the RTM are defined as follows:Control Ref.Refers to the name (short title) of the source document and the ID or paragraph number of the listed control or requirement.Security Req./ControlShort title describing the security control or requirement (and the text of the control/requirement, which may be paraphrased for brevity).Security CategoryCategory and class associated with the security control.Control TypeAuto populated if the requirement is identified with two security control types: common and system-specific; i.e., a part of the requirement is identified as common type and another part of it is system-mon. Auto populated if the requirement is designated to one or more information systems.Hybrid. Auto populated if the requirement is identified with two security control types: common and system-specific; i.e., a part of the requirement is identified as common type and another part of it is system-specific.System-Specific. Auto populated if the requirement is assigned to a specific information system.Inherited. Auto populated if the requirement is inherited from another system.Not Specified. Auto populated if the requirement does not require any security control.Planned Imp.Auto populated if the requirement is identified with two security control types: common and system-specific; i.e., a part of the requirement is identified as common type and another part of it is system-mon. Auto populated if the requirement is designated to one or more information systems.Hybrid. Auto populated if the requirement is identified with two security control types: common and system-specific; i.e., a part of the requirement is identified as common type and another part of it is system-specific.System-Specific. Auto populated if the requirement is assigned to a specific information system.Inherited. Auto populated if the requirement is inherited from another system.Not Specified. Auto populated if the requirement does not require any security control.Actual Imp.Identification whether the control is in place and how it has been implemented, or differences in how the control was implemented compared to what was planned.As Planned. Auto populated if Implemented control status is selected and Planned Implementation column does not read Not Entered.Pending Implementation. Auto populated if Planned control status is selected and Planned Implementation column does not read Not Entered.Partially Implemented. Auto populated if Partial control status is selected and Planned Implementation column does not read Not Entered.Not Entered. Auto populated if the Planned Implementation column reads Not Entered.Not Assigned. Auto populated if the Control Type and/or Control Status were not selected.Test #(s)The ID number of the specific test procedure(s) that is used to validate the requirement or control.-. The control is not applicable.MethodsThe evaluation method (or methods) used to assess the requirement.I. Interview.E. Examine.T. Testing.-. The control is not applicable.TailoredThe tailored control that modifies the control set.In. The control was tailored in.Out. The control was tailored out.- . The control was not affected from tailoring.OverlaysThe controls included or excluded from the controls already in the baseline.In. The control was added in to the controls in the baseline. Out. The control was removed from the controls in the baseline. - . The control was not affected from overlay(s).ResultThe summarized result for the test procedures that cover the requirement/control.Met - Requirement fully satisfied.Not Met - Requirement not satisfied.Not Applicable - Requirement not applicable.NotesIdentifies the factor, and the basis for; any tailoring of controls from the NIST 800-53 w/ DHS 4300A baseline or organizational overlay that was used for the system.Requirements Traceability MatrixControl Ref.Security Req./ControlSecurity CategoryControl TypePlanned Imp.Actual Imp.Test #(s)MethodsTailoredResultNotesIETINOUTNIST 800-53 w/ DHS 4300A AC-1Access Control Policy and ProceduresAccess Control Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedAC-1.1, AC-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-1 (DHS-5.1.1.c)Sharing of Personal PasswordsAccess Control Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedAC-1(DHS-5.1.1.c)-XX--Not MetNoneNIST 800-53 w/ DHS 4300A AC-2Account ManagementAccount Management (T)Not SpecifiedNot EnteredNot AssignedAC-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-2 (1)Account ManagementAccount Management (T)Not SpecifiedNot EnteredNot AssignedAC-2(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-2 (2)Account ManagementAccount Management (T)Not SpecifiedNot EnteredNot AssignedAC-2(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-2 (3)Account ManagementAccount Management (T)Not SpecifiedNot EnteredNot AssignedAC-2(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-2 (4)Account ManagementAccount Management (T)Not SpecifiedNot EnteredNot AssignedAC-2(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-2 (5)Account ManagementAccount Management (T)Not SpecifiedNot EnteredNot AssignedAC-2(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-2 (11)Account ManagementAccount Management (T)Not SpecifiedNot EnteredNot AssignedAC-2(11).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-3Access EnforcementAccess Enforcement (T)Not SpecifiedNot EnteredNot AssignedAC-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-3 (DHS-5.1.1.d)Access EnforcementAccess Enforcement (T)Not SpecifiedNot EnteredNot AssignedAC-3(DHS-5.1.1.d)-XX--Not MetNoneNIST 800-53 w/ DHS 4300A AC-4Information Flow EnforcementInformation Flow Enforcement (T)Not SpecifiedNot EnteredNot AssignedAC-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-5Separation of DutiesSeparation of Duties (T)Not SpecifiedNot EnteredNot AssignedAC-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-6Least PrivilegeLeast Privilege (T)Not SpecifiedNot EnteredNot AssignedAC-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-6 (1)Least PrivilegeLeast Privilege (T)Not SpecifiedNot EnteredNot AssignedAC-6(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-6 (2)Least PrivilegeLeast Privilege (T)Not SpecifiedNot EnteredNot AssignedAC-6(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-6 (3)Least PrivilegeLeast Privilege (T)Not SpecifiedNot EnteredNot AssignedAC-6(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-6 (5)Least PrivilegeLeast Privilege (T)Not SpecifiedNot EnteredNot AssignedAC-6(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-6 (9)Least PrivilegeLeast Privilege (T)Not SpecifiedNot EnteredNot AssignedAC-6(9).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-6 (10)Least PrivilegeLeast Privilege (T)Not SpecifiedNot EnteredNot AssignedAC-6(10).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-7Unsuccessful Logon AttemptsUnsuccessful Logon Attempts (T)Not SpecifiedNot EnteredNot AssignedAC-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-8System Use NotificationSystem Use Notification (T)Not SpecifiedNot EnteredNot AssignedAC-8.1, AC-8.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-8 (DHS-4.8.5.d)System Use NotificationSystem Use Notification (T)Not SpecifiedNot EnteredNot AssignedAC-8(DHS-4.8.5.d)-XX--Not MetNoneNIST 800-53 w/ DHS 4300A AC-10Concurrent Session ControlConcurrent Session Control (T)Not SpecifiedNot EnteredNot AssignedAC-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-11Session LockSession Lock (T)Not SpecifiedNot EnteredNot AssignedAC-11.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-11 (1)Session LockSession Lock (T)Not SpecifiedNot EnteredNot AssignedAC-11(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-12Session TerminationSession Termination (T)Not SpecifiedNot EnteredNot AssignedAC-12.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-14Permitted Actions without Identification or AuthenticationPermitted Actions without Identification or Authentication (T)Not SpecifiedNot EnteredNot AssignedAC-14.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-17Remote AccessRemote Access (T)Not SpecifiedNot EnteredNot AssignedAC-17.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-17 (1)Remote AccessRemote Access (T)Not SpecifiedNot EnteredNot AssignedAC-17(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-17 (2)Remote AccessRemote Access (T)Not SpecifiedNot EnteredNot AssignedAC-17(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-17 (3)Remote AccessRemote Access (T)Not SpecifiedNot EnteredNot AssignedAC-17(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-17 (4)Remote AccessRemote Access (T)Not SpecifiedNot EnteredNot AssignedAC-17(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-17 (DHS-5.4.1.b)Remote AccessRemote Access (T)Not SpecifiedNot EnteredNot AssignedAC-17(DHS-5.4.1.b)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A AC-17 (DHS-5.4.1.c)Remote AccessRemote Access (T)Not SpecifiedNot EnteredNot AssignedAC-17(DHS-5.4.1.c)-XX--Not MetNoneNIST 800-53 w/ DHS 4300A AC-18Wireless AccessWireless Access (T)Not SpecifiedNot EnteredNot AssignedAC-18.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-18 (1)Wireless AccessWireless Access (T)Not SpecifiedNot EnteredNot AssignedAC-18(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-18 (4)Wireless AccessWireless Access (T)Not SpecifiedNot EnteredNot AssignedAC-18(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-18 (5)Wireless AccessWireless Access (T)Not SpecifiedNot EnteredNot AssignedAC-18(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-19Access Control for Mobile DevicesAccess Control for Mobile Devices (T)Not SpecifiedNot EnteredNot AssignedAC-19.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-19 (5)Access Control for Mobile DevicesAccess Control for Mobile Devices (T)Not SpecifiedNot EnteredNot AssignedAC-19(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-20Use of External Information SystemsUse of External Information Systems (T)Not SpecifiedNot EnteredNot AssignedAC-20.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-20 (1)Use of External Information SystemsUse of External Information Systems (T)Not SpecifiedNot EnteredNot AssignedAC-20(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-20 (2)Use of External Information SystemsUse of External Information Systems (T)Not SpecifiedNot EnteredNot AssignedAC-20(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-21User-Based Collaboration and Information SharingInformation Sharing (T)Not SpecifiedNot EnteredNot AssignedAC-21.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AC-22Publicly Accessible ContentPublicly Accessible Content (T)Not SpecifiedNot EnteredNot AssignedAC-22.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AT-1Security Awareness and Training Policy and ProceduresSecurity Awareness and Training Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedAT-1.1, AT-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A AT-2Security AwarenessSecurity Awareness Training (O)Not SpecifiedNot EnteredNot AssignedAT-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AT-2 (2)Security AwarenessSecurity Awareness Training (O)Not SpecifiedNot EnteredNot AssignedAT-2(2).1, AT-2(2).1, AT-2(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AT-3Security TrainingRole-Based Security Training (O)Not SpecifiedNot EnteredNot AssignedAT-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AT-4Security Training RecordsSecurity Training Records (O)Not SpecifiedNot EnteredNot AssignedAT-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-1Audit and Accountability Policy and ProceduresAudit and Accountability Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedAU-1.1, AU-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-2Audit EventsAudit Events (T)Not SpecifiedNot EnteredNot AssignedAU-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-2 (3)Auditable EventsAudit Events (T)Not SpecifiedNot EnteredNot AssignedAU-2(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-3Content of Audit RecordsContent of Audit Records (T)Not SpecifiedNot EnteredNot AssignedAU-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-3 (1)Content of Audit RecordsContent of Audit Records (T)Not SpecifiedNot EnteredNot AssignedAU-3(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-3 (2)Content of Audit RecordsContent of Audit Records (T)Not SpecifiedNot EnteredNot AssignedAU-3(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-4Audit Storage CapacityAudit Storage Capacity (T)Not SpecifiedNot EnteredNot AssignedAU-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-5Response to Audit Processing FailuresResponse to Audit Processing Failures (T)Not SpecifiedNot EnteredNot AssignedAU-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-5 (1)Response to Audit Processing FailuresResponse to Audit Processing Failures (T)Not SpecifiedNot EnteredNot AssignedAU-5(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-5 (2)Response to Audit Processing FailuresResponse to Audit Processing Failures (T)Not SpecifiedNot EnteredNot AssignedAU-5(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-6Audit Review, Analysis, and ReportingAudit Review, Analysis, and Reporting (T)Not SpecifiedNot EnteredNot AssignedAU-6.1, AU-6.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-6 (1)Audit Review, Analysis, and ReportingAudit Review, Analysis, and Reporting (T)Not SpecifiedNot EnteredNot AssignedAU-6(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-6 (3)Audit Review, Analysis, and ReportingAudit Review, Analysis, and Reporting (T)Not SpecifiedNot EnteredNot AssignedAU-6(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-6 (5)Audit Review, Analysis, and ReportingAudit Review, Analysis, and Reporting (T)Not SpecifiedNot EnteredNot AssignedAU-6(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-6 (6)Audit Review, Analysis, and ReportingAudit Review, Analysis, and Reporting (T)Not SpecifiedNot EnteredNot AssignedAU-6(6).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-6 (DHS-5.3.b)Audit Review, Analysis, and ReportingAudit Review, Analysis, and Reporting (T)Not SpecifiedNot EnteredNot AssignedAU-6(DHS-5.3.b)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A AU-6 (DHS-5.4.6.f)Audit Review, Analysis, and ReportingAudit Review, Analysis, and Reporting (T)Not SpecifiedNot EnteredNot AssignedAU-6(DHS-5.4.6.f)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A AU-7Audit Reduction and Report GenerationAudit Reduction and Report Generation (T)Not SpecifiedNot EnteredNot AssignedAU-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-7 (1)Audit Reduction and Report GenerationAudit Reduction and Report Generation (T)Not SpecifiedNot EnteredNot AssignedAU-7(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-8Time StampsTime Stamps (T)Not SpecifiedNot EnteredNot AssignedAU-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-8 (1)Time StampsTime Stamps (T)Not SpecifiedNot EnteredNot AssignedAU-8(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-9Protection of Audit InformationProtection of Audit Information (T)Not SpecifiedNot EnteredNot AssignedAU-9.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-9 (2)Protection of Audit InformationProtection of Audit Information (T)Not SpecifiedNot EnteredNot AssignedAU-9(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-9 (3)Protection of Audit InformationProtection of Audit Information (T)Not SpecifiedNot EnteredNot AssignedAU-9(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-9 (4)Protection of Audit InformationProtection of Audit Information (T)Not SpecifiedNot EnteredNot AssignedAU-9(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-10Non-repudiationNon-repudiation (T)Not SpecifiedNot EnteredNot AssignedAU-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-11Audit Record RetentionAudit Record Retention (T)Not SpecifiedNot EnteredNot AssignedAU-11.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-11 (DHS-5.3.d)Audit Record RetentionAudit Record Retention (T)Not SpecifiedNot EnteredNot AssignedAU-11(DHS-5.3.d)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A AU-12Audit GenerationAudit Generation (T)Not SpecifiedNot EnteredNot AssignedAU-12.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-12 (1)Audit GenerationAudit Generation (T)Not SpecifiedNot EnteredNot AssignedAU-12(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A AU-12 (3)Audit GenerationAudit Generation (T)Not SpecifiedNot EnteredNot AssignedAU-12(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-1Security Assessment and Authorization Policies and ProceduresSecurity Assessment and Authorization Policies and Procedures (M)Not SpecifiedNot EnteredNot AssignedCA-1.1, CA-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-1 (DHS-3.9.m)Security Assessment and Authorization Policies and ProceduresSecurity Assessment and Authorization Policies and Procedures (M)Not SpecifiedNot EnteredNot AssignedCA-1(DHS-3.9.m)XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-1 (DHS-3.18.c)Security Assessment and Authorization Policies and ProceduresSecurity Assessment and Authorization Policies and Procedures (M)Not SpecifiedNot EnteredNot AssignedCA-1(DHS-3.18.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-1 (DHS-3.18.d)Security Assessment and Authorization Policies and ProceduresSecurity Assessment and Authorization Policies and Procedures (M)Not SpecifiedNot EnteredNot AssignedCA-1(DHS-3.18.d)XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-1 (DHS-3.18.e)Security Assessment and Authorization Policies and ProceduresSecurity Assessment and Authorization Policies and Procedures (M)Not SpecifiedNot EnteredNot AssignedCA-1(DHS-3.18.e)XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-2Security AssessmentsSecurity Assessments (M)Not SpecifiedNot EnteredNot AssignedCA-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-2 (1)Security AssessmentsSecurity Assessments (M)Not SpecifiedNot EnteredNot AssignedCA-2(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-2 (2)Security AssessmentsSecurity Assessments (M)Not SpecifiedNot EnteredNot AssignedCA-2(2).1, CA-2.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-2 (DHS-3.18.b)Security AssessmentsSecurity Assessments (M)Not SpecifiedNot EnteredNot AssignedCA-2(DHS-3.18.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-3Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-3 (5)Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-3 (DHS-5.4.3.b)Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3(DHS-5.4.3.b)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-3 (DHS-5.4.3.c)Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3(DHS-5.4.3.c)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-3 (DHS-5.4.3.d)Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3(DHS-5.4.3.d)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-3 (DHS-5.4.3.f)Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3(DHS-5.4.3.f)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-3 (DHS-5.4.3.m)Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3(DHS-5.4.3.m)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-3 (DHS-5.4.3.n)Information System ConnectionsSystem Interconnections (M)Not SpecifiedNot EnteredNot AssignedCA-3(DHS-5.4.3.n)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-5Plan of Action and MilestonesPlan of Action and Milestones (M)Not SpecifiedNot EnteredNot AssignedCA-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-5 (DHS-2.2.8.d)Plan of Action and MilestonesPlan of Action and Milestones (M)Not SpecifiedNot EnteredNot AssignedCA-5(DHS-2.2.8.d)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-6Security AuthorizationSecurity Authorization (M)Not SpecifiedNot EnteredNot AssignedCA-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-6 (DHS-3.9.h)Security AuthorizationSecurity Authorization (M)Not SpecifiedNot EnteredNot AssignedCA-6(DHS-3.9.h)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CA-7Continuous MonitoringContinuous Monitoring (M)Not SpecifiedNot EnteredNot AssignedCA-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-7 (1)Continuous MonitoringContinuous Monitoring (M)Not SpecifiedNot EnteredNot AssignedCA-7(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-7 (DHS-4.6.3.a)Continuous MonitoringContinuous Monitoring (M)Not SpecifiedNot EnteredNot AssignedCA-7(DHS-4.6.3.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-8Penetration TestingPenetration Testing (M)Not SpecifiedNot EnteredNot AssignedCA-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CA-9Internal System ConnectionsInternal System Connections (M)Not SpecifiedNot EnteredNot AssignedCA-9.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-1Configuration Management Policy and ProceduresConfiguration Management Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedCM-1.1, CM-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-2Baseline ConfigurationBaseline Configuration (O)Not SpecifiedNot EnteredNot AssignedCM-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-2 (1)Baseline ConfigurationBaseline Configuration (O)Not SpecifiedNot EnteredNot AssignedCM-2(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-2 (2)Baseline ConfigurationBaseline Configuration (O)Not SpecifiedNot EnteredNot AssignedCM-2(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-2 (3)Baseline ConfigurationBaseline Configuration (O)Not SpecifiedNot EnteredNot AssignedCM-2(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-2 (7)Baseline ConfigurationBaseline Configuration (O)Not SpecifiedNot EnteredNot AssignedCM-2(7).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-2 (DHS-3.9.b)Baseline ConfigurationBaseline Configuration (O)Not SpecifiedNot EnteredNot AssignedCM-2(DHS-3.9.b)-XX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-2 (DHS-4.12.b)Baseline ConfigurationBaseline Configuration (O)Not SpecifiedNot EnteredNot AssignedCM-2(DHS-4.12.b)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-3Configuration Change ControlConfiguration Change Control (O)Not SpecifiedNot EnteredNot AssignedCM-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-3 (1)Configuration Change ControlConfiguration Change Control (O)Not SpecifiedNot EnteredNot AssignedCM-3(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-3 (2)Configuration Change ControlConfiguration Change Control (O)Not SpecifiedNot EnteredNot AssignedCM-3(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-3 (DHS-2.1.8.g)Configuration Change ControlConfiguration Change Control (O)Not SpecifiedNot EnteredNot AssignedCM-3(DHS-2.1.8.g)XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-3 (DHS-5.4.3.l)Configuration Change ControlConfiguration Change Control (O)Not SpecifiedNot EnteredNot AssignedCM-3(DHS-5.4.3.l)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-4Security Impact AnalysisSecurity Impact Analysis (O)Not SpecifiedNot EnteredNot AssignedCM-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-4 (1)Security Impact AnalysisSecurity Impact Analysis (O)Not SpecifiedNot EnteredNot AssignedCM-4(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-5Access Restrictions for ChangeAccess Restrictions for Change (O)Not SpecifiedNot EnteredNot AssignedCM-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-5 (1)Access Restrictions for ChangeAccess Restrictions for Change (O)Not SpecifiedNot EnteredNot AssignedCM-5(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-5 (2)Access Restrictions for ChangeAccess Restrictions for Change (O)Not SpecifiedNot EnteredNot AssignedCM-5(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-5 (3)Access Restrictions for ChangeAccess Restrictions for Change (O)Not SpecifiedNot EnteredNot AssignedCM-5(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-6Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (1)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (2)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-3.7.e)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-3.7.e)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-3.7.f)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-3.7.f)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-3.7.g)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-3.7.g)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-4.5.2.b)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-4.5.2.b)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-4.8.4.a)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-4.8.4.a)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-4.12.f)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-4.12.f)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-4.12.j)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-4.12.j)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-5.4.5.d)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-5.4.5.d)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-6 (DHS-5.4.5.e)Configuration SettingsConfiguration Settings (O)Not SpecifiedNot EnteredNot AssignedCM-6(DHS-5.4.5.e)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-7Least FunctionalityLeast Functionality (O)Not SpecifiedNot EnteredNot AssignedCM-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-7 (1)Least FunctionalityLeast Functionality (O)Not SpecifiedNot EnteredNot AssignedCM-7(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-7 (2)Least FunctionalityLeast Functionality (O)Not SpecifiedNot EnteredNot AssignedCM-7(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-7 (5)Least FunctionalityLeast Functionality (O)Not SpecifiedNot EnteredNot AssignedCM-7(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-7 (DHS-4.8.6.a)Least FunctionalityLeast Functionality (O)Not SpecifiedNot EnteredNot AssignedCM-7(DHS-4.8.6.a)-XX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-7 (DHS-5.4.5.f)Least FunctionalityLeast Functionality (O)Not SpecifiedNot EnteredNot AssignedCM-7(DHS-5.4.5.f)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CM-8Information System Component InventoryInformation System Component Inventory (O)Not SpecifiedNot EnteredNot AssignedCM-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-8 (1)Information System Component InventoryInformation System Component Inventory (O)Not SpecifiedNot EnteredNot AssignedCM-8(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-8 (2)Information System Component InventoryInformation System Component Inventory (O)Not SpecifiedNot EnteredNot AssignedCM-8(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-8 (3)Information System Component InventoryInformation System Component Inventory (O)Not SpecifiedNot EnteredNot AssignedCM-8(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-8 (4)Information System Component InventoryInformation System Component Inventory (O)Not SpecifiedNot EnteredNot AssignedCM-8(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-8 (5)Information System Component InventoryInformation System Component Inventory (O)Not SpecifiedNot EnteredNot AssignedCM-8(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-9Configuration Management PlanConfiguration Management Plan (O)Not SpecifiedNot EnteredNot AssignedCM-9.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-10Software Usage RestrictionsSW Usage Restrictions (O)Not SpecifiedNot EnteredNot AssignedCM-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CM-11User-Installed SoftwareUser-Installed SW (O)Not SpecifiedNot EnteredNot AssignedCM-11.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-1Contingency Planning Policy and ProceduresContingency Planning Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedCP-1.1, CP-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-1 (DHS-3.5.1.a)Contingency Planning Policy and ProceduresContingency Planning Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedCP-1(DHS-3.5.1.a)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CP-1 (DHS-3.5.2.d)Contingency Planning Policy and ProceduresContingency Planning Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedCP-1(DHS-3.5.2.d)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CP-2Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2.1, CP-2.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-2 (1)Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-2 (2)Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-2 (3)Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-2 (4)Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-2 (5)Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-2 (8)Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2(8).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-2 (DHS-3.5.2.e)Contingency PlanContingency Plan (O)Not SpecifiedNot EnteredNot AssignedCP-2(DHS-3.5.2.e)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CP-3Contingency TrainingContingency Training (O)Not SpecifiedNot EnteredNot AssignedCP-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-3 (1)Contingency TrainingContingency Training (O)Not SpecifiedNot EnteredNot AssignedCP-3(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-4Contingency Plan Testing and ExercisesContingency Plan Testing (O)Not SpecifiedNot EnteredNot AssignedCP-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-4 (1)Contingency Plan Testing and ExercisesContingency Plan Testing (O)Not SpecifiedNot EnteredNot AssignedCP-4(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-4 (2)Contingency Plan Testing and ExercisesContingency Plan Testing (O)Not SpecifiedNot EnteredNot AssignedCP-4(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-4 (DHS-3.5.2.f)Contingency Plan Testing and ExercisesContingency Plan Testing (O)Not SpecifiedNot EnteredNot AssignedCP-4(DHS-3.5.2.f)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A CP-6Alternate Storage SiteAlternate Storage Site (O)Not SpecifiedNot EnteredNot AssignedCP-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-6 (1)Alternate Storage SiteAlternate Storage Site (O)Not SpecifiedNot EnteredNot AssignedCP-6(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-6 (2)Alternate Storage SiteAlternate Storage Site (O)Not SpecifiedNot EnteredNot AssignedCP-6(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-6 (3)Alternate Storage SiteAlternate Storage Site (O)Not SpecifiedNot EnteredNot AssignedCP-6(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-7Alternate Processing SiteAlternate Processing Site (O)Not SpecifiedNot EnteredNot AssignedCP-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-7 (1)Alternate Processing SiteAlternate Processing Site (O)Not SpecifiedNot EnteredNot AssignedCP-7(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-7 (2)Alternate Processing SiteAlternate Processing Site (O)Not SpecifiedNot EnteredNot AssignedCP-7(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-7 (3)Alternate Processing SiteAlternate Processing Site (O)Not SpecifiedNot EnteredNot AssignedCP-7(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-7 (4)Alternate Processing SiteAlternate Processing Site (O)Not SpecifiedNot EnteredNot AssignedCP-7(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-8Telecommunications ServicesTelecommunications Services (O)Not SpecifiedNot EnteredNot AssignedCP-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-8 (1)Telecommunications ServicesTelecommunications Services (O)Not SpecifiedNot EnteredNot AssignedCP-8(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-8 (2)Telecommunications ServicesTelecommunications Services (O)Not SpecifiedNot EnteredNot AssignedCP-8(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-8 (3)Telecommunications ServicesTelecommunications Services (O)Not SpecifiedNot EnteredNot AssignedCP-8(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-8 (4)Telecommunications ServicesTelecommunications Services (O)Not SpecifiedNot EnteredNot AssignedCP-8(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-9Information System BackupInformation System Backup (O)Not SpecifiedNot EnteredNot AssignedCP-9.1, CP-9.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-9 (1)Information System BackupInformation System Backup (O)Not SpecifiedNot EnteredNot AssignedCP-9(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-9 (2)Information System BackupInformation System Backup (O)Not SpecifiedNot EnteredNot AssignedCP-9(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-9 (3)Information System BackupInformation System Backup (O)Not SpecifiedNot EnteredNot AssignedCP-9(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-9 (5)Information System BackupInformation System Backup (O)Not SpecifiedNot EnteredNot AssignedCP-9(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-10Information System Recovery and ReconstitutionInformation System Recovery and Reconstitution (O)Not SpecifiedNot EnteredNot AssignedCP-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-10 (2)Information System Recovery and ReconstitutionInformation System Recovery and Reconstitution (O)Not SpecifiedNot EnteredNot AssignedCP-10(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A CP-10 (4)Information System Recovery and ReconstitutionInformation System Recovery and Reconstitution (O)Not SpecifiedNot EnteredNot AssignedCP-10(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-1Identification and Authentication Policy and ProceduresIdentification and Authentication Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedIA-1.1, IA-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-1 (DHS-1.6.d)Identification and Authentication Policy and ProceduresIdentification and Authentication Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedIA-1(DHS-1.6.d)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A IA-1 (DHS-3.14.7.a)Identification and Authentication Policy and ProceduresIdentification and Authentication Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedIA-1(DHS-3.14.7.a)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A IA-1 (DHS-3.14.7.c)Identification and Authentication Policy and ProceduresIdentification and Authentication Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedIA-1(DHS-3.14.7.c)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A IA-1 (DHS-3.14.7.f)Identification and Authentication Policy and ProceduresIdentification and Authentication Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedIA-1(DHS-3.14.7.f)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A IA-2Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (1)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (2)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (3)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (4)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (8)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(8).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (9)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(9).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (11)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(11).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (12)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(12).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-2 (DHS-5.1.d)Identification and Authentication (Organizational Users)Identification and Authentication (Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-2(DHS-5.1.d)XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-3Device Identification and AuthenticationDevice Identification and Authentication (T)Not SpecifiedNot EnteredNot AssignedIA-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-4Identifier ManagementIdentifier Management (T)Not SpecifiedNot EnteredNot AssignedIA-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-5Authenticator ManagementAuthenticator Management (T)Not SpecifiedNot EnteredNot AssignedIA-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-5 (1)Authenticator ManagementAuthenticator Management (T)Not SpecifiedNot EnteredNot AssignedIA-5(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-5 (2)Authenticator ManagementAuthenticator Management (T)Not SpecifiedNot EnteredNot AssignedIA-5(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-5 (3)Authenticator ManagementAuthenticator Management (T)Not SpecifiedNot EnteredNot AssignedIA-5(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-5 (11)Authenticator ManagementAuthenticator Management (T)Not SpecifiedNot EnteredNot AssignedIA-5(11).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-5 (DHS-5.1.e)Authenticator ManagementAuthenticator Management (T)Not SpecifiedNot EnteredNot AssignedIA-5(DHS-5.1.e)XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-6Authenticator FeedbackAuthenticator Feedback (T)Not SpecifiedNot EnteredNot AssignedIA-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-7Cryptographic Module AuthenticationCryptographic Module Authentication (T)Not SpecifiedNot EnteredNot AssignedIA-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-8Identification and Authentication (Non-Organizational Users)Identification and Authentication (Non-Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-8 (1)Identification and Authentication (Non-Organizational Users)Identification and Authentication (Non-Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-8(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-8 (2)Identification and Authentication (Non-Organizational Users)Identification and Authentication (Non-Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-8(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-8 (3)Identification and Authentication (Non-Organizational Users)Identification and Authentication (Non-Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-8(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-8 (4)Identification and Authentication (Non-Organizational Users)Identification and Authentication (Non-Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-8(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IA-8 (DHS-1.5.4.c)Identification and Authentication (Non-Organizational Users)Identification and Authentication (Non-Organizational Users) (T)Not SpecifiedNot EnteredNot AssignedIA-8(DHS-1.5.4.c)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A IR-1Incident Response Policy and ProceduresIncident Response Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedIR-1.1, IR-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-2Incident Response TrainingIncident Response Training (O)Not SpecifiedNot EnteredNot AssignedIR-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-2 (1)Incident Response TrainingIncident Response Training (O)Not SpecifiedNot EnteredNot AssignedIR-2(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-2 (2)Incident Response TrainingIncident Response Training (O)Not SpecifiedNot EnteredNot AssignedIR-2(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-3Incident Response Testing and ExercisesIncident Response Testing (O)Not SpecifiedNot EnteredNot AssignedIR-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-3 (2)Incident Response Testing and ExercisesIncident Response Testing (O)Not SpecifiedNot EnteredNot AssignedIR-3(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-4Incident HandlingIncident Handling (O)Not SpecifiedNot EnteredNot AssignedIR-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-4 (1)Incident HandlingIncident Handling (O)Not SpecifiedNot EnteredNot AssignedIR-4(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-4 (4)Incident HandlingIncident Handling (O)Not SpecifiedNot EnteredNot AssignedIR-4(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-5Incident MonitoringIncident Monitoring (O)Not SpecifiedNot EnteredNot AssignedIR-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-5 (1)Incident MonitoringIncident Monitoring (O)Not SpecifiedNot EnteredNot AssignedIR-5(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-6Incident ReportingIncident Reporting (O)Not SpecifiedNot EnteredNot AssignedIR-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-6 (1)Incident ReportingIncident Reporting (O)Not SpecifiedNot EnteredNot AssignedIR-6(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-7Incident Response AssistanceIncident Response Assistance (O)Not SpecifiedNot EnteredNot AssignedIR-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-7 (1)Incident Response AssistanceIncident Response Assistance (O)Not SpecifiedNot EnteredNot AssignedIR-7(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A IR-8Incident Response PlanIncident Response Plan (O)Not SpecifiedNot EnteredNot AssignedIR-8.1, IR-8.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-1System Maintenance Policy and ProceduresSystem Maintenance Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedMA-1.1, MA-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-2Controlled MaintenanceControlled Maintenance (O)Not SpecifiedNot EnteredNot AssignedMA-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-2 (2)Controlled MaintenanceControlled Maintenance (O)Not SpecifiedNot EnteredNot AssignedMA-2(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-3Maintenance ToolsMaintenance Tools (O)Not SpecifiedNot EnteredNot AssignedMA-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-3 (1)Maintenance ToolsMaintenance Tools (O)Not SpecifiedNot EnteredNot AssignedMA-3(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-3 (2)Maintenance ToolsMaintenance Tools (O)Not SpecifiedNot EnteredNot AssignedMA-3(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-3 (3)Maintenance ToolsMaintenance Tools (O)Not SpecifiedNot EnteredNot AssignedMA-3(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-4Non-Local MaintenanceNonlocal Maintenance (O)Not SpecifiedNot EnteredNot AssignedMA-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-4 (2)Non-Local MaintenanceNonlocal Maintenance (O)Not SpecifiedNot EnteredNot AssignedMA-4(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-4 (3)Non-Local MaintenanceNonlocal Maintenance (O)Not SpecifiedNot EnteredNot AssignedMA-4(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-4 (DHS-5.4.4.c)Non-Local MaintenanceNonlocal Maintenance (O)Not SpecifiedNot EnteredNot AssignedMA-4(DHS-5.4.4.c)XXX--Not MetNoneNIST 800-53 w/ DHS 4300A MA-5Maintenance PersonnelMaintenance Personnel (O)Not SpecifiedNot EnteredNot AssignedMA-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-5 (1)Maintenance PersonnelMaintenance Personnel (O)Not SpecifiedNot EnteredNot AssignedMA-5(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MA-6Timely MaintenanceTimely Maintenance (O)Not SpecifiedNot EnteredNot AssignedMA-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-1Media Protection Policy and ProceduresMedia Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedMP-1.1, MP-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-1 (DHS-3.14.5.b)Media Protection Policy and ProceduresMedia Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedMP-1(DHS-3.14.5.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-1 (DHS-4.3.1.g)Media Protection Policy and ProceduresMedia Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedMP-1(DHS-4.3.1.g)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-1 (DHS-5.4.1.d)Media Protection Policy and ProceduresMedia Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedMP-1(DHS-5.4.1.d)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-1 (DHS-5.6.c)Media Protection Policy and ProceduresMedia Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedMP-1(DHS-5.6.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-2Media AccessMedia Access (O)Not SpecifiedNot EnteredNot AssignedMP-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-3Media MarkingMedia Marking (O)Not SpecifiedNot EnteredNot AssignedMP-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-4Media StorageMedia Storage (O)Not SpecifiedNot EnteredNot AssignedMP-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-4 (DHS-3.14.5.f)Media StorageMedia Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedMP-4(DHS-3.14.5.f)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-5Media TransportMedia Transport (O)Not SpecifiedNot EnteredNot AssignedMP-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-5 (4)Media TransportMedia Transport (O)Not SpecifiedNot EnteredNot AssignedMP-5(4).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-5 (DHS-4.11.f)Media TransportMedia Transport (O)Not SpecifiedNot EnteredNot AssignedMP-5(DHS-4.11.f)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-6Media SanitizationMedia Sanitization (O)Not SpecifiedNot EnteredNot AssignedMP-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-6 (1)Media SanitizationMedia Sanitization (O)Not SpecifiedNot EnteredNot AssignedMP-6(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-6 (2)Media SanitizationMedia Sanitization (O)Not SpecifiedNot EnteredNot AssignedMP-6(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-6 (3)Media SanitizationMedia Sanitization (O)Not SpecifiedNot EnteredNot AssignedMP-6(3).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-7Media UseMedia Use (O)Not SpecifiedNot EnteredNot AssignedMP-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-7 (1)Prohibit Use Without OwnerMedia Use (O)Not SpecifiedNot EnteredNot AssignedMP-7(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-7 (DHS-4.3.1.d)USB Drive encryptionMedia Use (O)Not SpecifiedNot EnteredNot AssignedMP-7(DHS-4.3.1.d)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-7 (DHS-4.3.1.e)DHS owned Removable MediaMedia Use (O)Not SpecifiedNot EnteredNot AssignedMP-7(DHS-4.3.1.e)XX---Not MetNoneNIST 800-53 w/ DHS 4300A MP-7 (DHS-4.3.1.f)Protection of Sensitive Paper and Electronic OutputsMedia Use (O)Not SpecifiedNot EnteredNot AssignedMP-7(DHS-4.3.1.f)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-1Physical and Environmental Protection Policy and ProceduresPhysical and Environmental Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedPE-1.1, PE-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-1 (DHS-3.3.c)Physical and Environmental Protection Policy and ProceduresPhysical and Environmental Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedPE-1(DHS-3.3.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-1 (DHS-4.6.2.3.b)Physical and Environmental Protection Policy and ProceduresPhysical and Environmental Protection Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedPE-1(DHS-4.6.2.3.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-2Physical Access AuthorizationsPhysical Access Authorizations (O)Not SpecifiedNot EnteredNot AssignedPE-2.1, PE-2.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-3Physical Access ControlPhysical Access Control (O)Not SpecifiedNot EnteredNot AssignedPE-3.1, PE-3.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-3 (1)Physical Access ControlPhysical Access Control (O)Not SpecifiedNot EnteredNot AssignedPE-3(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-4Access Control for Transmission MediumAccess Control for Transmission Medium (O)Not SpecifiedNot EnteredNot AssignedPE-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-5Access Control for Output DevicesAccess Control for Output Devices (O)Not SpecifiedNot EnteredNot AssignedPE-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-6Monitoring Physical AccessMonitoring Physical Access (O)Not SpecifiedNot EnteredNot AssignedPE-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-6 (1)Monitoring Physical AccessMonitoring Physical Access (O)Not SpecifiedNot EnteredNot AssignedPE-6(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-6 (4)Monitoring Physical AccessMonitoring Physical Access (O)Not SpecifiedNot EnteredNot AssignedPE-6(4).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-8Access RecordsVisitor Access Records (O)Not SpecifiedNot EnteredNot AssignedPE-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-8 (1)Access RecordsVisitor Access Records (O)Not SpecifiedNot EnteredNot AssignedPE-8(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-9Power Equipment and Power CablingPower Equipment and Cabling (O)Not SpecifiedNot EnteredNot AssignedPE-9.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-10Emergency ShutoffEmergency Shutoff (O)Not SpecifiedNot EnteredNot AssignedPE-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-11Emergency PowerEmergency Power (O)Not SpecifiedNot EnteredNot AssignedPE-11.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-11 (1)Emergency PowerEmergency Power (O)Not SpecifiedNot EnteredNot AssignedPE-11(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-12Emergency LightingEmergency Lighting (O)Not SpecifiedNot EnteredNot AssignedPE-12.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-13Fire ProtectionFire Protection (O)Not SpecifiedNot EnteredNot AssignedPE-13.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-13 (1)Fire ProtectionFire Protection (O)Not SpecifiedNot EnteredNot AssignedPE-13(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-13 (2)Fire ProtectionFire Protection (O)Not SpecifiedNot EnteredNot AssignedPE-13(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-13 (3)Fire ProtectionFire Protection (O)Not SpecifiedNot EnteredNot AssignedPE-13(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-14Temperature and Humidity ControlsTemperature and Humidity Controls (O)Not SpecifiedNot EnteredNot AssignedPE-14.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-15Water Damage ProtectionWater Damage Protection (O)Not SpecifiedNot EnteredNot AssignedPE-15.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-15 (1)Water Damage ProtectionWater Damage Protection (O)Not SpecifiedNot EnteredNot AssignedPE-15(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-16Delivery and RemovalDelivery and Removal (O)Not SpecifiedNot EnteredNot AssignedPE-16.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-17Alternate Work SiteAlternate Work Site (O)Not SpecifiedNot EnteredNot AssignedPE-17.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PE-18Location of Information System ComponentsLocation of Information System Components (O)Not SpecifiedNot EnteredNot AssignedPE-18.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-1Security Planning Policy and ProceduresSecurity Planning Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedPL-1.1, PL-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-1 (DHS-3.14.5.c)Security Planning Policy and ProceduresSecurity Planning Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedPL-1(DHS-3.14.5.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-1 (DHS-3.14.7.d)Security Planning Policy and ProceduresSecurity Planning Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedPL-1(DHS-3.14.7.d)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-2System Security PlanSystem Security Plan (M)Not SpecifiedNot EnteredNot AssignedPL-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-2 (3)System Security PlanSystem Security Plan (M)Not SpecifiedNot EnteredNot AssignedPL-2(3).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-4Rules of BehaviorRules of Behavior (M)Not SpecifiedNot EnteredNot AssignedPL-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-4 (1)Rules of BehaviorRules of Behavior (M)Not SpecifiedNot EnteredNot AssignedPL-4(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-4 (DHS-4.1.2.a)Rules of BehaviorRules of Behavior (M)Not SpecifiedNot EnteredNot AssignedPL-4(DHS-4.1.2.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-4 (DHS-4.8.2.a)Rules of BehaviorRules of Behavior (M)Not SpecifiedNot EnteredNot AssignedPL-4(DHS-4.8.2.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-4 (DHS-4.8.2.b)Rules of BehaviorRules of Behavior (M)Not SpecifiedNot EnteredNot AssignedPL-4(DHS-4.8.2.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-4 (DHS-4.8.3.a)Rules of BehaviorRules of Behavior (M)Not SpecifiedNot EnteredNot AssignedPL-4(DHS-4.8.3.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-4 (DHS-4.8.5.e)Rules of BehaviorRules of Behavior (M)Not SpecifiedNot EnteredNot AssignedPL-4(DHS-4.8.5.e)XX---Not MetNoneNIST 800-53 w/ DHS 4300A PL-8Information Security ArchitectureInformation Security Architecture (M)Not SpecifiedNot EnteredNot AssignedPL-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-1Information Security Program PlanInformation Security Program Plan (M)Not SpecifiedNot EnteredNot AssignedPM-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-2Senior Information Security OfficerSenior Information Security Officer (M)Not SpecifiedNot EnteredNot AssignedPM-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-3Information Security ResourcesInformation Security Resources (M)Not SpecifiedNot EnteredNot AssignedPM-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-4Plan of Action and Milestones ProcessPlan of Action and Milestones Process (M)Not SpecifiedNot EnteredNot AssignedPM-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-5Information System InventoryInformation System Inventory (M)Not SpecifiedNot EnteredNot AssignedPM-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-6Information Security Measures of PerformanceInformation Security Measures of Performance (M)Not SpecifiedNot EnteredNot AssignedPM-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-7Enterprise ArchitectureEnterprise Architecture (M)Not SpecifiedNot EnteredNot AssignedPM-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-8Critical Infrastructure PlanCritical Infrastructure Plan (M)Not SpecifiedNot EnteredNot AssignedPM-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-9Risk Management StrategyRisk Management Strategy (M)Not SpecifiedNot EnteredNot AssignedPM-9.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-10Security Authorization ProcessSecurity Authorization Process (M)Not SpecifiedNot EnteredNot AssignedPM-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-11Mission/Business Process DefinitionMission/Business Process Definition (M)Not SpecifiedNot EnteredNot AssignedPM-11.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-12Insider Threat ProgramInsider Threat Program (M)Not SpecifiedNot EnteredNot AssignedPM-12.1X----Not MetNoneNIST 800-53 w/ DHS 4300A PM-13Information Security WorkforceInformation Security Workforce (M)Not SpecifiedNot EnteredNot AssignedPM-13.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-14Testing, Training, and MonitoringTesting, Training, and Monitoring (M)Not SpecifiedNot EnteredNot AssignedPM-14.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-15Contacts with Security Groups and AssociationsContacts with Security and Associations (M)Not SpecifiedNot EnteredNot AssignedPM-15.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PM-16Threat Awareness ProgramThreat Awareness Program (M)Not SpecifiedNot EnteredNot AssignedPM-16.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AP-1Authority to CollectAuthority to Collect ()Not SpecifiedNot EnteredNot AssignedAP-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AP-2Purpose SpecificationPurpose Specification ()Not SpecifiedNot EnteredNot AssignedAP-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-1Governance and Privacy ProgramGovernance and Privacy Program ()Not SpecifiedNot EnteredNot AssignedAR-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-2Privacy Impact and Risk AssessmentPrivacy Impact and Risk Assessment ()Not SpecifiedNot EnteredNot AssignedAR-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-3Privacy Requirements for Contractors and Service ProvidersPrivacy Requirements for Contractors and Service Providers ()Not SpecifiedNot EnteredNot AssignedAR-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-4Privacy Monitoring and AuditingPrivacy Monitoring and Auditing ()Not SpecifiedNot EnteredNot AssignedAR-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-5Privacy Awareness and TrainingPrivacy Awareness and Training ()Not SpecifiedNot EnteredNot AssignedAR-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-6Privacy ReportingPrivacy Reporting ()Not SpecifiedNot EnteredNot AssignedAR-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-7Privacy-Enhanced System Design and DevelopmentPrivacy-Enhanced System Design and Development ()Not SpecifiedNot EnteredNot AssignedAR-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-AR-8Accounting of DisclosuresAccounting of Disclosures ()Not SpecifiedNot EnteredNot AssignedAR-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-DI-1Data QualityData Quality ()Not SpecifiedNot EnteredNot AssignedDI-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-DI-2Data Integrity and Data Integrity BoardData Integrity and Data Integrity Board ()Not SpecifiedNot EnteredNot AssignedDI-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-DM-1Minimization of Personally Identifiable InformationMinimization of Personally Identifiable Information ()Not SpecifiedNot EnteredNot AssignedDM-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-DM-2Data Retention and DisposalData Retention and Disposal ()Not SpecifiedNot EnteredNot AssignedDM-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-DM-3Minimization of PII Used in Testing, Training, and ResearchMinimization of PII Used in Testing, Training, and Research ()Not SpecifiedNot EnteredNot AssignedDM-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-IP-1ConsentConsent ()Not SpecifiedNot EnteredNot AssignedIP-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-IP-2Individual AccessIndividual Access ()Not SpecifiedNot EnteredNot AssignedIP-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-IP-3RedressRedress ()Not SpecifiedNot EnteredNot AssignedIP-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-IP-4Complaint ManagementComplaint Management ()Not SpecifiedNot EnteredNot AssignedIP-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-SE-1Inventory of Personally Identifiable InformationInventory of Personally Identifiable Information ()Not SpecifiedNot EnteredNot AssignedSE-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-SE-2Privacy Incident ResponsePrivacy Incident Response ()Not SpecifiedNot EnteredNot AssignedSE-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-TR-1Privacy NoticePrivacy Notice ()Not SpecifiedNot EnteredNot AssignedTR-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-TR-2System of Records Notices and Privacy Act StatementsSystem of Records Notices and Privacy Act Statements ()Not SpecifiedNot EnteredNot AssignedTR-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-TR-3Dissemination of Privacy Program InformationDissemination of Privacy Program Information ()Not SpecifiedNot EnteredNot AssignedTR-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-UL-1Internal UseInternal Use ()Not SpecifiedNot EnteredNot AssignedUL-1.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PRIV-UL-2Information Sharing with Third PartiesInformation Sharing with Third Parties ()Not SpecifiedNot EnteredNot AssignedUL-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-1Personnel Security Policy and ProceduresPersonnel Security Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedPS-1.1, PS-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-2Position CategorizationPosition Risk Designation (O)Not SpecifiedNot EnteredNot AssignedPS-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-3Personnel ScreeningPersonnel Screening (O)Not SpecifiedNot EnteredNot AssignedPS-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-4Personnel TerminationPersonnel Termination (O)Not SpecifiedNot EnteredNot AssignedPS-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-4 (2)Automated NotificationPersonnel Termination (O)Not SpecifiedNot EnteredNot AssignedPS-4(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-5Personnel TransferPersonnel Transfer (O)Not SpecifiedNot EnteredNot AssignedPS-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-6Access AgreementsAccess Agreements (O)Not SpecifiedNot EnteredNot AssignedPS-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-7Third-Party Personnel SecurityThird-Party Personnel Security (O)Not SpecifiedNot EnteredNot AssignedPS-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A PS-8Personnel SanctionsPersonnel Sanctions (O)Not SpecifiedNot EnteredNot AssignedPS-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-1Risk Assessment Policy and ProceduresRisk Assessment Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedRA-1.1, RA-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-2Security CategorizationSecurity Categorization (M)Not SpecifiedNot EnteredNot AssignedRA-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-2 (DHS-3.9.a)Security CategorizationSecurity Categorization (M)Not SpecifiedNot EnteredNot AssignedRA-2(DHS-3.9.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-2 (DHS-3.14.2.e)Security CategorizationSecurity Categorization (M)Not SpecifiedNot EnteredNot AssignedRA-2(DHS-3.14.2.e)XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-3Risk AssessmentRisk Assessment (M)Not SpecifiedNot EnteredNot AssignedRA-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-5Vulnerability ScanningVulnerability Scanning (M)Not SpecifiedNot EnteredNot AssignedRA-5.1, RA-5.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-5 (1)Vulnerability ScanningVulnerability Scanning (M)Not SpecifiedNot EnteredNot AssignedRA-5(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-5 (2)Vulnerability ScanningVulnerability Scanning (M)Not SpecifiedNot EnteredNot AssignedRA-5(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-5 (4)Vulnerability ScanningVulnerability Scanning (M)Not SpecifiedNot EnteredNot AssignedRA-5(4).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-5 (5)Vulnerability ScanningVulnerability Scanning (M)Not SpecifiedNot EnteredNot AssignedRA-5(5).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A RA-5 (DHS-4.8.4.d)Vulnerability ScanningVulnerability Scanning (M)Not SpecifiedNot EnteredNot AssignedRA-5(DHS-4.8.4.d)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-1System and Services Acquisition Policy and ProceduresSystem and Services Acquisition Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedSA-1.1, SA-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-1 (DHS-3.1.g)System and Services Acquisition Policy and ProceduresSystem and Services Acquisition Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedSA-1(DHS-3.1.g)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-1 (DHS-3.2.g)System and Services Acquisition Policy and ProceduresSystem and Services Acquisition Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedSA-1(DHS-3.2.g)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-1 (DHS-3.3.a)System and Services Acquisition Policy and ProceduresSystem and Services Acquisition Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedSA-1(DHS-3.3.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-1 (DHS-3.3.b)System and Services Acquisition Policy and ProceduresSystem and Services Acquisition Policy and Procedures (M)Not SpecifiedNot EnteredNot AssignedSA-1(DHS-3.3.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-2Allocation of ResourcesAllocation of Resources (M)Not SpecifiedNot EnteredNot AssignedSA-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-3Life Cycle SupportSystem Development Life Cycle (M)Not SpecifiedNot EnteredNot AssignedSA-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-3 (DHS-3.6.c)Life Cycle SupportSystem Development Life Cycle (M)Not SpecifiedNot EnteredNot AssignedSA-3(DHS-3.6.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-4AcquisitionsAcquisition Process (M)Not SpecifiedNot EnteredNot AssignedSA-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-4 (1)AcquisitionsAcquisition Process (M)Not SpecifiedNot EnteredNot AssignedSA-4(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-4 (2)AcquisitionsAcquisition Process (M)Not SpecifiedNot EnteredNot AssignedSA-4(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-4 (9)AcquisitionsAcquisition Process (M)Not SpecifiedNot EnteredNot AssignedSA-4(9).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-4 (10)AcquisitionsAcquisition Process (M)Not SpecifiedNot EnteredNot AssignedSA-4(10).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-4 (DHS-3.14.7.g)AcquisitionsAcquisition Process (M)Not SpecifiedNot EnteredNot AssignedSA-4(DHS-3.14.7.g)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-4 (DHS-5.7.b)AcquisitionsAcquisition Process (M)Not SpecifiedNot EnteredNot AssignedSA-4(DHS-5.7.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-5Information System DocumentationInformation System Documentation (M)Not SpecifiedNot EnteredNot AssignedSA-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-8Security Engineering PrinciplesSecurity Engineering Principles (M)Not SpecifiedNot EnteredNot AssignedSA-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-9External Information System ServicesExternal Information System Services (M)Not SpecifiedNot EnteredNot AssignedSA-9.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-9 (2)External Information System ServicesExternal Information System Services (M)Not SpecifiedNot EnteredNot AssignedSA-9(2).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-10Developer Configuration ManagementDeveloper Configuration Management (M)Not SpecifiedNot EnteredNot AssignedSA-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-11Developer Security Testing and EvaluationDeveloper Security Testing and Evaluation (M)Not SpecifiedNot EnteredNot AssignedSA-11.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-12Supply Chain ProtectionSupply Chain Protection (M)Not SpecifiedNot EnteredNot AssignedSA-12.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-12 (DHS-5.8.a)Supply Chain ProtectionSupply Chain Protection (M)Not SpecifiedNot EnteredNot AssignedSA-12(DHS-5.8.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-12 (DHS-5.8.b)Supply Chain ProtectionSupply Chain Protection (M)Not SpecifiedNot EnteredNot AssignedSA-12(DHS-5.8.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-15Development Process, Standards, and ToolsDevelopment Process, Standards, and Tools (M)Not SpecifiedNot EnteredNot AssignedSA-15.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-16Developer-Provided TrainingDeveloper-Provided Training (M)Not SpecifiedNot EnteredNot AssignedSA-16.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SA-17Developer Security Architecture and DesignDeveloper Security Architecture and Design (M)Not SpecifiedNot EnteredNot AssignedSA-17.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1.1, SC-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1 (DHS-3.17.a)System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1(DHS-3.17.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1 (DHS-4.4.1.a)System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1(DHS-4.4.1.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1 (DHS-4.5.2.a)System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1(DHS-4.5.2.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1 (DHS-4.5.3.b)System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1(DHS-4.5.3.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1 (DHS-5.5.2.t)System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1(DHS-5.5.2.t)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1 (DHS-5.5.3.j)System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1(DHS-5.5.3.j)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-1 (DHS-5.7.a)System and Communications Protection Policy and ProceduresSystem and Communications Protection Policy and Procedures (T)Not SpecifiedNot EnteredNot AssignedSC-1(DHS-5.7.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-2Application PartitioningApplication Partitioning (T)Not SpecifiedNot EnteredNot AssignedSC-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-3Security Function IsolationSecurity Function Isolation (T)Not SpecifiedNot EnteredNot AssignedSC-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-4Information in Shared ResourcesInformation in Shared Resources (T)Not SpecifiedNot EnteredNot AssignedSC-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-5Denial-of-Service ProtectionDenial of Service Protection (T)Not SpecifiedNot EnteredNot AssignedSC-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-5 (DHS-4.6.1.c)Denial-of-Service ProtectionDenial of Service Protection (T)Not SpecifiedNot EnteredNot AssignedSC-5(DHS-4.6.1.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (3)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(3).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (4)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(4).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (5)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(5).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (7)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(7).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (8)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(8).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (18)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(18).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (21)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(21).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (DHS-5.4.4.h)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(DHS-5.4.4.h)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (DHS-5.4.5.a)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(DHS-5.4.5.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-7 (DHS-5.4.5.b)Boundary ProtectionBoundary Protection (T)Not SpecifiedNot EnteredNot AssignedSC-7(DHS-5.4.5.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-8Transmission IntegrityTransmission Confidentiality and Integrity (T)Not SpecifiedNot EnteredNot AssignedSC-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-8 (1)Transmission IntegrityTransmission Confidentiality and Integrity (T)Not SpecifiedNot EnteredNot AssignedSC-8(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-10Network DisconnectNetwork Disconnect (T)Not SpecifiedNot EnteredNot AssignedSC-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-12Cryptographic Key Establishment and ManagementCryptographic Key Establishment and Management (T)Not SpecifiedNot EnteredNot AssignedSC-12.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-12 (1)Cryptographic Key Establishment and ManagementCryptographic Key Establishment and Management (T)Not SpecifiedNot EnteredNot AssignedSC-12(1).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-12 (DHS-4.6.b)Cryptographic Key Establishment and ManagementCryptographic Key Establishment and Management (T)Not SpecifiedNot EnteredNot AssignedSC-12(DHS-4.6.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-12 (DHS-5.5.3.a)Cryptographic Key Establishment and ManagementCryptographic Key Establishment and Management (T)Not SpecifiedNot EnteredNot AssignedSC-12(DHS-5.5.3.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-12 (DHS-5.5.3.b)Cryptographic Key Establishment and ManagementCryptographic Key Establishment and Management (T)Not SpecifiedNot EnteredNot AssignedSC-12(DHS-5.5.3.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-12 (DHS-5.5.3.c)Cryptographic Key Establishment and ManagementCryptographic Key Establishment and Management (T)Not SpecifiedNot EnteredNot AssignedSC-12(DHS-5.5.3.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-12 (DHS-5.5.3.i)Cryptographic Key Establishment and ManagementCryptographic Key Establishment and Management (T)Not SpecifiedNot EnteredNot AssignedSC-12(DHS-5.5.3.i)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-13Use of CryptographyCryptographic Protection (T)Not SpecifiedNot EnteredNot AssignedSC-13.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-13 (DHS-5.4.6.k)Use of CryptographyCryptographic Protection (T)Not SpecifiedNot EnteredNot AssignedSC-13(DHS-5.4.6.k)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-13 (DHS-5.5.1.a)Use of CryptographyCryptographic Protection (T)Not SpecifiedNot EnteredNot AssignedSC-13(DHS-5.5.1.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-13 (DHS-5.5.1.c)Use of CryptographyCryptographic Protection (T)Not SpecifiedNot EnteredNot AssignedSC-13(DHS-5.5.1.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-13 (DHS-5.5.2.v)Use of CryptographyCryptographic Protection (T)Not SpecifiedNot EnteredNot AssignedSC-13(DHS-5.5.2.v)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-13 (DHS-5.7.d)Use of CryptographyCryptographic Protection (T)Not SpecifiedNot EnteredNot AssignedSC-13(DHS-5.7.d)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-15Collaborative Computing DevicesCollaborative Computing Devices (T)Not SpecifiedNot EnteredNot AssignedSC-15.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-15 (DHS-4.5.3.a)Collaborative Computing DevicesCollaborative Computing Devices (T)Not SpecifiedNot EnteredNot AssignedSC-15(DHS-4.5.3.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-15 (DHS-4.5.3.b)Collaborative Computing DevicesCollaborative Computing Devices (T)Not SpecifiedNot EnteredNot AssignedSC-15(DHS-4.5.3.b)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-15 (DHS-4.5.3.c)Collaborative Computing DevicesCollaborative Computing Devices (T)Not SpecifiedNot EnteredNot AssignedSC-15(DHS-4.5.3.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-17Public Key Infrastructure CertificatesPublic Key Infrastructure Certificates (T)Not SpecifiedNot EnteredNot AssignedSC-17.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-18Mobile CodeMobile Code (T)Not SpecifiedNot EnteredNot AssignedSC-18.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-19Voice Over Internet ProtocolVoice Over Internet Protocol (T)Not SpecifiedNot EnteredNot AssignedSC-19.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-20Secure Name/Address Resolution Service (Authoritative Source)Secure Name / Address Resolution Service (Authoritative Source) (T)Not SpecifiedNot EnteredNot AssignedSC-20.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-20 (DHS-5.4.3.k)Secure Name/Address Resolution Service (Authoritative Source)Secure Name / Address Resolution Service (Authoritative Source) (T)Not SpecifiedNot EnteredNot AssignedSC-20(DHS-5.4.3.k)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-21Secure Name/Address Resolution Service (Recursive or Caching Resolver)Secure Name / Address Resolution Service (Recursive or Caching Resolver) (T)Not SpecifiedNot EnteredNot AssignedSC-21.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-22Architecture and Provisioning for Name/Address Resolution ServiceArchitecture and Provisioning for Name/Address Resolution Service (T)Not SpecifiedNot EnteredNot AssignedSC-22.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-23Session AuthenticitySession Authenticity (T)Not SpecifiedNot EnteredNot AssignedSC-23.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-24Fail in Known StateFail in Known State (T)Not SpecifiedNot EnteredNot AssignedSC-24.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-28Protection of Information at RestProtection of Information at Rest (T)Not SpecifiedNot EnteredNot AssignedSC-28.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-28 (DHS-5.2.g)Protection of Information at RestProtection of Information at Rest (T)Not SpecifiedNot EnteredNot AssignedSC-28(DHS-5.2.g)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SC-39Process IsolationProcess Isolation (T)Not SpecifiedNot EnteredNot AssignedSC-39.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-1System and Information Integrity Policy and ProceduresSystem and Information Integrity Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedSI-1.1, SI-1.2XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-1 (DHS-5.4.2.a)System and Information Integrity Policy and ProceduresSystem and Information Integrity Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedSI-1(DHS-5.4.2.a)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-1 (DHS-5.4.5.c)System and Information Integrity Policy and ProceduresSystem and Information Integrity Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedSI-1(DHS-5.4.5.c)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-1 (DHS-5.4.6.h)System and Information Integrity Policy and ProceduresSystem and Information Integrity Policy and Procedures (O)Not SpecifiedNot EnteredNot AssignedSI-1(DHS-5.4.6.h)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-2Flaw RemediationFlaw Remediation (O)Not SpecifiedNot EnteredNot AssignedSI-2.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-2 (1)Flaw RemediationFlaw Remediation (O)Not SpecifiedNot EnteredNot AssignedSI-2(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-2 (2)Flaw RemediationFlaw Remediation (O)Not SpecifiedNot EnteredNot AssignedSI-2(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-3Malicious Code ProtectionMalicious Code Protection (O)Not SpecifiedNot EnteredNot AssignedSI-3.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-3 (1)Malicious Code ProtectionMalicious Code Protection (O)Not SpecifiedNot EnteredNot AssignedSI-3(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-3 (2)Malicious Code ProtectionMalicious Code Protection (O)Not SpecifiedNot EnteredNot AssignedSI-3(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-3 (10)Malicious Code ProtectionMalicious Code Protection (O)Not SpecifiedNot EnteredNot AssignedSI-3(10).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-3 (DHS-5.4.6.g)Malicious Code ProtectionMalicious Code Protection (O)Not SpecifiedNot EnteredNot AssignedSI-3(DHS-5.4.6.g)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-4Information System MonitoringInformation System Monitoring (O)Not SpecifiedNot EnteredNot AssignedSI-4.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-4 (2)Information System MonitoringInformation System Monitoring (O)Not SpecifiedNot EnteredNot AssignedSI-4(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-4 (4)Information System MonitoringInformation System Monitoring (O)Not SpecifiedNot EnteredNot AssignedSI-4(4).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-4 (5)Information System MonitoringInformation System Monitoring (O)Not SpecifiedNot EnteredNot AssignedSI-4(5).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-5Security Alerts, Advisories, and DirectivesSecurity Alerts, Advisories, and Directives (O)Not SpecifiedNot EnteredNot AssignedSI-5.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-5 (1)Security Alerts, Advisories, and DirectivesSecurity Alerts, Advisories, and Directives (O)Not SpecifiedNot EnteredNot AssignedSI-5(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-6Security Functionality VerificationSecurity Function Verification (O)Not SpecifiedNot EnteredNot AssignedSI-6.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-7Software and Information IntegritySoftware, Firmware, and Information Integrity (O)Not SpecifiedNot EnteredNot AssignedSI-7.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-7 (1)Software and Information IntegritySoftware, Firmware, and Information Integrity (O)Not SpecifiedNot EnteredNot AssignedSI-7(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-7 (2)Software and Information IntegritySoftware, Firmware, and Information Integrity (O)Not SpecifiedNot EnteredNot AssignedSI-7(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-7 (5)Software and Information IntegritySoftware, Firmware, and Information Integrity (O)Not SpecifiedNot EnteredNot AssignedSI-7(5).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-7 (7)Software and Information IntegritySoftware, Firmware, and Information Integrity (O)Not SpecifiedNot EnteredNot AssignedSI-7(7).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-7 (14)Software and Information IntegritySoftware, Firmware, and Information Integrity (O)Not SpecifiedNot EnteredNot AssignedSI-7(14).1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-7 (DHS-5.1.1.e)Software and Information IntegritySoftware, Firmware, and Information Integrity (O)Not SpecifiedNot EnteredNot AssignedSI-7(DHS-5.1.1.e)XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-8Spam ProtectionSpam Protection (O)Not SpecifiedNot EnteredNot AssignedSI-8.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-8 (1)Spam ProtectionSpam Protection (O)Not SpecifiedNot EnteredNot AssignedSI-8(1).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-8 (2)Spam ProtectionSpam Protection (O)Not SpecifiedNot EnteredNot AssignedSI-8(2).1 XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-10Information Input ValidationInformation Input Validation (O)Not SpecifiedNot EnteredNot AssignedSI-10.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-11Error HandlingError Handling (O)Not SpecifiedNot EnteredNot AssignedSI-11.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-12Information Output Handling and RetentionInformation Handling and Retention (O)Not SpecifiedNot EnteredNot AssignedSI-12.1XX---Not MetNoneNIST 800-53 w/ DHS 4300A SI-16Memory ProtectionMemory Protection (O)Not SpecifiedNot EnteredNot AssignedSI-16.1XX---Not MetNone ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download