Date: Mar 29, 2024, 11:49:25 AM
Date: Nov 28, 2019, 2:04:46 PM
Editor: Juan
Name:
Name: NIST SP 800-53 (Rev.5)
Description:
Description: Recommended Security Controls for Federal Information Systems and Organizations. (Rev.5)
t | 1 | {} | t | 1 | { |
2 | "label": "NIST SP 800-53", | ||||
3 | "language": "EN", | ||||
4 | "refs": [ | ||||
5 | "https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft" | ||||
6 | ], | ||||
7 | "uuid": "cfd2cd50-95fa-4143-b0e5-794249bacae1", | ||||
8 | "values": [ | ||||
9 | { | ||||
10 | "category": "Access Control", | ||||
11 | "code": "AC-1", | ||||
12 | "label": "Access Control Policy and Procedures", | ||||
13 | "uuid": "ebf10522-0f57-4880-aa73-e28a206b7be4" | ||||
14 | }, | ||||
15 | { | ||||
16 | "category": "Access Control", | ||||
17 | "code": "AC-2", | ||||
18 | "label": "Account Management", | ||||
19 | "uuid": "8245e3a6-09ee-488a-880f-8d1b811b2091" | ||||
20 | }, | ||||
21 | { | ||||
22 | "category": "Access Control", | ||||
23 | "code": "AC-3", | ||||
24 | "label": "Access Enforcement", | ||||
25 | "uuid": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb" | ||||
26 | }, | ||||
27 | { | ||||
28 | "category": "Access Control", | ||||
29 | "code": "AC-4", | ||||
30 | "label": "Information Flow Enforcement", | ||||
31 | "uuid": "e2323e31-d4c5-4f58-8de3-529d41c7fde6" | ||||
32 | }, | ||||
33 | { | ||||
34 | "category": "Access Control", | ||||
35 | "code": "AC-5", | ||||
36 | "label": "Separation of Duties", | ||||
37 | "uuid": "35f0172f-4770-4f69-9aa7-8b48a880c85a" | ||||
38 | }, | ||||
39 | { | ||||
40 | "category": "Access Control", | ||||
41 | "code": "AC-6", | ||||
42 | "label": "Least Privilege", | ||||
43 | "uuid": "cea02331-b15a-42bb-ae5c-826afb449240" | ||||
44 | }, | ||||
45 | { | ||||
46 | "category": "Access Control", | ||||
47 | "code": "AC-7", | ||||
48 | "label": "Unsuccessful Logon Attempts", | ||||
49 | "uuid": "f8e45f26-413c-4c61-be2c-216ec688ecb1" | ||||
50 | }, | ||||
51 | { | ||||
52 | "category": "Access Control", | ||||
53 | "code": "AC-8", | ||||
54 | "label": "System Use Notification", | ||||
55 | "uuid": "2006d82c-a148-470f-ad3d-339980bb69b9" | ||||
56 | }, | ||||
57 | { | ||||
58 | "category": "Access Control", | ||||
59 | "code": "AC-9", | ||||
60 | "label": "Previous Logon (Access) Notification", | ||||
61 | "uuid": "a06fe04e-e834-42c9-8b4f-d998eb493136" | ||||
62 | }, | ||||
63 | { | ||||
64 | "category": "Access Control", | ||||
65 | "code": "AC-10", | ||||
66 | "label": "Concurrent Session Control", | ||||
67 | "uuid": "2feed753-8333-46b9-b4a0-ffd78e6d5f96" | ||||
68 | }, | ||||
69 | { | ||||
70 | "category": "Access Control", | ||||
71 | "code": "AC-11", | ||||
72 | "label": "Device Lock", | ||||
73 | "uuid": "48e9827d-60b5-4637-89fa-45dfb4231ff7" | ||||
74 | }, | ||||
75 | { | ||||
76 | "category": "Access Control", | ||||
77 | "code": "AC-12", | ||||
78 | "label": "Session Termination", | ||||
79 | "uuid": "db302cfa-325b-4d4d-a6b3-f85618ca4eb6" | ||||
80 | }, | ||||
81 | { | ||||
82 | "category": "Access Control", | ||||
83 | "code": "AC-14", | ||||
84 | "label": "Permitted Actions without Identification or Authentication", | ||||
85 | "uuid": "90b4a207-023d-4ac4-a1dd-c5ca32453de2" | ||||
86 | }, | ||||
87 | { | ||||
88 | "category": "Access Control", | ||||
89 | "code": "AC-16", | ||||
90 | "label": "Security and Privacy Attributes", | ||||
91 | "uuid": "33d42330-bde6-4964-82c9-fd2eaa07792d" | ||||
92 | }, | ||||
93 | { | ||||
94 | "category": "Access Control", | ||||
95 | "code": "AC-17", | ||||
96 | "label": "Remote Access", | ||||
97 | "uuid": "1b2e1483-0a0e-4c84-ad44-42db07d6172f" | ||||
98 | }, | ||||
99 | { | ||||
100 | "category": "Access Control", | ||||
101 | "code": "AC-18", | ||||
102 | "label": "Wireless Access", | ||||
103 | "uuid": "5dad70d6-04e6-4ad0-9c32-c565e40329ad" | ||||
104 | }, | ||||
105 | { | ||||
106 | "category": "Access Control", | ||||
107 | "code": "AC-19", | ||||
108 | "label": "Access Control for Mobile Devices", | ||||
109 | "uuid": "250001c2-f02d-496c-917e-70034724bfd6" | ||||
110 | }, | ||||
111 | { | ||||
112 | "category": "Access Control", | ||||
113 | "code": "AC-20", | ||||
114 | "label": "Use of External Systems", | ||||
115 | "uuid": "fc9d8985-7dea-4b78-b977-7c5ac82e15f2" | ||||
116 | }, | ||||
117 | { | ||||
118 | "category": "Access Control", | ||||
119 | "code": "AC-21", | ||||
120 | "label": "Information Sharing", | ||||
121 | "uuid": "5d4dc43c-9c46-4fc5-969b-02a1421acf42" | ||||
122 | }, | ||||
123 | { | ||||
124 | "category": "Access Control", | ||||
125 | "code": "AC-22", | ||||
126 | "label": "Publicly Accessible Content", | ||||
127 | "uuid": "81cc10c0-de1e-4317-aae9-304a4c45151e" | ||||
128 | }, | ||||
129 | { | ||||
130 | "category": "Access Control", | ||||
131 | "code": "AC-23", | ||||
132 | "label": "Data Mining Protection", | ||||
133 | "uuid": "ccd5e72f-92d7-4824-8caa-9a75209849d2" | ||||
134 | }, | ||||
135 | { | ||||
136 | "category": "Access Control", | ||||
137 | "code": "AC-24", | ||||
138 | "label": "Access Control Decisions", | ||||
139 | "uuid": "5493d4a2-bae6-4bdf-ba84-79bbae4fb53b" | ||||
140 | }, | ||||
141 | { | ||||
142 | "category": "Access Control", | ||||
143 | "code": "AC-25", | ||||
144 | "label": "Reference Monitor", | ||||
145 | "uuid": "6922787a-2fcb-4cfe-a3bc-a75e7c49fccd" | ||||
146 | }, | ||||
147 | { | ||||
148 | "category": "Awareness And Training", | ||||
149 | "code": "AT-1", | ||||
150 | "label": "Awareness and Training Policy and Procedures", | ||||
151 | "uuid": "468658d8-61b8-4757-8c28-d6017337ea91" | ||||
152 | }, | ||||
153 | { | ||||
154 | "category": "Awareness And Training", | ||||
155 | "code": "AT-2", | ||||
156 | "label": "Awareness Training", | ||||
157 | "uuid": "3f956648-f1a8-4c8f-9e4b-11e4da8afc6a" | ||||
158 | }, | ||||
159 | { | ||||
160 | "category": "Awareness And Training", | ||||
161 | "code": "AT-3", | ||||
162 | "label": "Role-Based Training", | ||||
163 | "uuid": "64694da5-0ca9-44f6-bd94-0dc1fa8f69ea" | ||||
164 | }, | ||||
165 | { | ||||
166 | "category": "Awareness And Training", | ||||
167 | "code": "AT-4", | ||||
168 | "label": "Training Records", | ||||
169 | "uuid": "a32e8643-88b7-4fa6-9a25-f67b9236b9d0" | ||||
170 | }, | ||||
171 | { | ||||
172 | "category": "Audit And Accountability", | ||||
173 | "code": "AU-1", | ||||
174 | "label": "Audit and Accountability Policy and Procedures", | ||||
175 | "uuid": "0de44076-cd30-439a-9375-c7c6692da6b2" | ||||
176 | }, | ||||
177 | { | ||||
178 | "category": "Audit And Accountability", | ||||
179 | "code": "AU-2", | ||||
180 | "label": "Audit Events", | ||||
181 | "uuid": "8b250e6b-4463-4d55-9241-c99db31a838c" | ||||
182 | }, | ||||
183 | { | ||||
184 | "category": "Audit And Accountability", | ||||
185 | "code": "AU-3", | ||||
186 | "label": "Content of Audit Records", | ||||
187 | "uuid": "aefeafa5-2f92-4a78-a149-6b00f8a0f9f1" | ||||
188 | }, | ||||
189 | { | ||||
190 | "category": "Audit And Accountability", | ||||
191 | "code": "AU-4", | ||||
192 | "label": "Audit Storage Capacity", | ||||
193 | "uuid": "6145995f-74e1-4479-ba93-c1cdd9e34f8c" | ||||
194 | }, | ||||
195 | { | ||||
196 | "category": "Audit And Accountability", | ||||
197 | "code": "AU-5", | ||||
198 | "label": "Response to Audit Processing Failures", | ||||
199 | "uuid": "bcc90c0a-8c92-4e75-ba67-a9dd2a64ca9d" | ||||
200 | }, | ||||
201 | { | ||||
202 | "category": "Audit And Accountability", | ||||
203 | "code": "AU-6", | ||||
204 | "label": "Audit Review, Analysis, and Reporting", | ||||
205 | "uuid": "cb39be02-c637-4984-ad59-ad1b5afd7609" | ||||
206 | }, | ||||
207 | { | ||||
208 | "category": "Audit And Accountability", | ||||
209 | "code": "AU-7", | ||||
210 | "label": "Audit Reduction and Report Generation", | ||||
211 | "uuid": "8314aca6-82c0-4955-a6d3-78f41146ef15" | ||||
212 | }, | ||||
213 | { | ||||
214 | "category": "Audit And Accountability", | ||||
215 | "code": "AU-8", | ||||
216 | "label": "Time Stamps", | ||||
217 | "uuid": "b9383590-e160-4840-b6e7-9476aeb6b8c0" | ||||
218 | }, | ||||
219 | { | ||||
220 | "category": "Audit And Accountability", | ||||
221 | "code": "AU-9", | ||||
222 | "label": "Protection of Audit Information", | ||||
223 | "uuid": "aff838cd-5392-4620-be39-87c4ae7b6d33" | ||||
224 | }, | ||||
225 | { | ||||
226 | "category": "Audit And Accountability", | ||||
227 | "code": "AU-10", | ||||
228 | "label": "Non-repudiation", | ||||
229 | "uuid": "52e68421-ebcf-453f-8e42-48813d47dcf6" | ||||
230 | }, | ||||
231 | { | ||||
232 | "category": "Audit And Accountability", | ||||
233 | "code": "AU-11", | ||||
234 | "label": "Audit Record Retention", | ||||
235 | "uuid": "30ccd853-e570-4c61-98d0-4837692d0654" | ||||
236 | }, | ||||
237 | { | ||||
238 | "category": "Audit And Accountability", | ||||
239 | "code": "AU-12", | ||||
240 | "label": "Audit Generation", | ||||
241 | "uuid": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023" | ||||
242 | }, | ||||
243 | { | ||||
244 | "category": "Audit And Accountability", | ||||
245 | "code": "AU-13", | ||||
246 | "label": "Monitoring for Information Disclosure", | ||||
247 | "uuid": "ca6dc3b4-45ad-4a17-84c2-06fe7de2936e" | ||||
248 | }, | ||||
249 | { | ||||
250 | "category": "Audit And Accountability", | ||||
251 | "code": "AU-14", | ||||
252 | "label": "Session Audit", | ||||
253 | "uuid": "d447bf80-7c6e-4e16-9f69-a15ed7eafd92" | ||||
254 | }, | ||||
255 | { | ||||
256 | "category": "Audit And Accountability", | ||||
257 | "code": "AU-15", | ||||
258 | "label": "Alternate Audit Capability", | ||||
259 | "uuid": "43d6e18f-7d4e-43f5-af7f-ea6d07d37299" | ||||
260 | }, | ||||
261 | { | ||||
262 | "category": "Audit And Accountability", | ||||
263 | "code": "AU-16", | ||||
264 | "label": "Cross-Organizational Auditing", | ||||
265 | "uuid": "e499f145-1fad-49e2-9403-f50a2a9801e8" | ||||
266 | }, | ||||
267 | { | ||||
268 | "category": "Security Assessment And Authorization", | ||||
269 | "code": "CA-1", | ||||
270 | "label": "Assessment, Authorization, and Monitoring Policies and Procedures", | ||||
271 | "uuid": "9bc48f7a-6863-421d-96c5-7e7099ef2415" | ||||
272 | }, | ||||
273 | { | ||||
274 | "category": "Security Assessment And Authorization", | ||||
275 | "code": "CA-2", | ||||
276 | "label": "Assessments", | ||||
277 | "uuid": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" | ||||
278 | }, | ||||
279 | { | ||||
280 | "category": "Security Assessment And Authorization", | ||||
281 | "code": "CA-3", | ||||
282 | "label": "System Interconnections", | ||||
283 | "uuid": "6c55f12d-0f58-4caf-9c27-91c38d3620e3" | ||||
284 | }, | ||||
285 | { | ||||
286 | "category": "Security Assessment And Authorization", | ||||
287 | "code": "CA-5", | ||||
288 | "label": "Plan of Action and Milestones", | ||||
289 | "uuid": "0af9100d-df42-4d7e-953d-8c1fd56dff85" | ||||
290 | }, | ||||
291 | { | ||||
292 | "category": "Security Assessment And Authorization", | ||||
293 | "code": "CA-6", | ||||
294 | "label": "Authorization", | ||||
295 | "uuid": "de31dbbb-4981-4815-acfa-8375989d98cd" | ||||
296 | }, | ||||
297 | { | ||||
298 | "category": "Security Assessment And Authorization", | ||||
299 | "code": "CA-7", | ||||
300 | "label": "Continuous Monitoring", | ||||
301 | "uuid": "5264169d-4e61-40b7-800e-1998f41af781" | ||||
302 | }, | ||||
303 | { | ||||
304 | "category": "Security Assessment And Authorization", | ||||
305 | "code": "CA-8", | ||||
306 | "label": "Penetration Testing", | ||||
307 | "uuid": "2080500f-047a-4695-841f-326310fd6a79" | ||||
308 | }, | ||||
309 | { | ||||
310 | "category": "Security Assessment And Authorization", | ||||
311 | "code": "CA-9", | ||||
312 | "label": "Internal System Connections", | ||||
313 | "uuid": "063f894b-5f12-4e99-8277-6e21692c977d" | ||||
314 | }, | ||||
315 | { | ||||
316 | "category": "Configuration Management", | ||||
317 | "code": "CM-1", | ||||
318 | "label": "Configuration Management Policy and Procedures", | ||||
319 | "uuid": "698ebcc9-cf38-49d4-9a7a-dce61bbff968" | ||||
320 | }, | ||||
321 | { | ||||
322 | "category": "Configuration Management", | ||||
323 | "code": "CM-2", | ||||
324 | "label": "Baseline Configuration", | ||||
325 | "uuid": "3b076d55-a168-4e4e-ba44-cac820929399" | ||||
326 | }, | ||||
327 | { | ||||
328 | "category": "Configuration Management", | ||||
329 | "code": "CM-3", | ||||
330 | "label": "Configuration Change Control", | ||||
331 | "uuid": "27086d2c-4ed0-4163-89c3-d280559102ea" | ||||
332 | }, | ||||
333 | { | ||||
334 | "category": "Configuration Management", | ||||
335 | "code": "CM-4", | ||||
336 | "label": "Security and Privacy Impact Analyses", | ||||
337 | "uuid": "4d738f6e-3999-4a07-97f8-552ef2df77f3" | ||||
338 | }, | ||||
339 | { | ||||
340 | "category": "Configuration Management", | ||||
341 | "code": "CM-5", | ||||
342 | "label": "Access Restrictions for Change", | ||||
343 | "uuid": "dce2b6b6-33dd-45b1-9006-e09493aa95e3" | ||||
344 | }, | ||||
345 | { | ||||
346 | "category": "Configuration Management", | ||||
347 | "code": "CM-6", | ||||
348 | "label": "Configuration Settings", | ||||
349 | "uuid": "dfeeec44-4cd4-49f8-8a41-2c03f786f818" | ||||
350 | }, | ||||
351 | { | ||||
352 | "category": "Configuration Management", | ||||
353 | "code": "CM-7", | ||||
354 | "label": "Least Functionality", | ||||
355 | "uuid": "d0557646-d1eb-4d79-8670-b1cdaf1072be" | ||||
356 | }, | ||||
357 | { | ||||
358 | "category": "Configuration Management", | ||||
359 | "code": "CM-8", | ||||
360 | "label": "System Component Inventory", | ||||
361 | "uuid": "36ae972c-4543-4548-8946-47cb651ed0ef" | ||||
362 | }, | ||||
363 | { | ||||
364 | "category": "Configuration Management", | ||||
365 | "code": "CM-9", | ||||
366 | "label": "Configuration Management Plan", | ||||
367 | "uuid": "b53a00fb-054c-4f9e-8aff-69ad91c1dcb8" | ||||
368 | }, | ||||
369 | { | ||||
370 | "category": "Configuration Management", | ||||
371 | "code": "CM-10", | ||||
372 | "label": "Software Usage Restrictions", | ||||
373 | "uuid": "8ccaf96b-99b1-4677-be72-1e072cc26ebd" | ||||
374 | }, | ||||
375 | { | ||||
376 | "category": "Configuration Management", | ||||
377 | "code": "CM-11", | ||||
378 | "label": "User-Installed Software", | ||||
379 | "uuid": "0e0864af-bd66-4012-b7ea-75ee7a57ef0b" | ||||
380 | }, | ||||
381 | { | ||||
382 | "category": "Configuration Management", | ||||
383 | "code": "CM-12", | ||||
384 | "label": "Information Location", | ||||
385 | "uuid": "50310b7b-0a4b-4572-998c-5954f7d6750e" | ||||
386 | }, | ||||
387 | { | ||||
388 | "category": "Contingency Planning", | ||||
389 | "code": "CP-1", | ||||
390 | "label": "Contingency Planning Policy and Procedures", | ||||
391 | "uuid": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed" | ||||
392 | }, | ||||
393 | { | ||||
394 | "category": "Contingency Planning", | ||||
395 | "code": "CP-2", | ||||
396 | "label": "Contingency Plan", | ||||
397 | "uuid": "4f08538a-9f7d-422f-aaae-0949bf39c028" | ||||
398 | }, | ||||
399 | { | ||||
400 | "category": "Contingency Planning", | ||||
401 | "code": "CP-3", | ||||
402 | "label": "Contingency Training", | ||||
403 | "uuid": "a3a1db7e-c1e1-409d-aa9a-e4b4ca925be6" | ||||
404 | }, | ||||
405 | { | ||||
406 | "category": "Contingency Planning", | ||||
407 | "code": "CP-4", | ||||
408 | "label": "Contingency Plan Testing", | ||||
409 | "uuid": "4c98569b-ec41-4758-b8a3-5bd75b56d38b" | ||||
410 | }, | ||||
411 | { | ||||
412 | "category": "Contingency Planning", | ||||
413 | "code": "CP-6", | ||||
414 | "label": "Alternate Storage Site", | ||||
415 | "uuid": "60a84903-025a-40c5-9cf6-dad960e55cf1" | ||||
416 | }, | ||||
417 | { | ||||
418 | "category": "Contingency Planning", | ||||
419 | "code": "CP-7", | ||||
420 | "label": "Alternate Processing Site", | ||||
421 | "uuid": "1dfd046a-a422-4089-9fda-c141e865042a" | ||||
422 | }, | ||||
423 | { | ||||
424 | "category": "Contingency Planning", | ||||
425 | "code": "CP-8", | ||||
426 | "label": "Telecommunications Services", | ||||
427 | "uuid": "01096bf7-a45e-40d9-851e-72a6b8d7344a" | ||||
428 | }, | ||||
429 | { | ||||
430 | "category": "Contingency Planning", | ||||
431 | "code": "CP-9", | ||||
432 | "label": "System Backup", | ||||
433 | "uuid": "5cdd85f2-15b0-4c61-b3d4-66f4ba9114c8" | ||||
434 | }, | ||||
435 | { | ||||
436 | "category": "Contingency Planning", | ||||
437 | "code": "CP-10", | ||||
438 | "label": "System Recovery and Reconstitution", | ||||
439 | "uuid": "5ba61017-362e-411b-929d-c76c27358660" | ||||
440 | }, | ||||
441 | { | ||||
442 | "category": "Contingency Planning", | ||||
443 | "code": "CP-11", | ||||
444 | "label": "Alternate Communications Protocols", | ||||
445 | "uuid": "b705c1c5-aee2-4cb0-9f55-f045fc627f34" | ||||
446 | }, | ||||
447 | { | ||||
448 | "category": "Contingency Planning", | ||||
449 | "code": "CP-12", | ||||
450 | "label": "Safe Mode", | ||||
451 | "uuid": "b827b7db-76ee-4fda-b193-3004feef59e0" | ||||
452 | }, | ||||
453 | { | ||||
454 | "category": "Contingency Planning", | ||||
455 | "code": "CP-13", | ||||
456 | "label": "Alternative Security Mechanisms", | ||||
457 | "uuid": "5278ff6f-473b-4a2c-8234-1a6a3198c701" | ||||
458 | }, | ||||
459 | { | ||||
460 | "category": "Identification And Authentication", | ||||
461 | "code": "IA-1", | ||||
462 | "label": "Identification and Authentication Policy and Procedures", | ||||
463 | "uuid": "99e77822-723b-4a08-8ee0-4c73ad494db7" | ||||
464 | }, | ||||
465 | { | ||||
466 | "category": "Identification And Authentication", | ||||
467 | "code": "IA-2", | ||||
468 | "label": "Identification and Authentication (Organizational Users)", | ||||
469 | "uuid": "b82eba2f-bbf7-4390-aa9e-e35ccae691ba" | ||||
470 | }, | ||||
471 | { | ||||
472 | "category": "Identification And Authentication", | ||||
473 | "code": "IA-3", | ||||
474 | "label": "Device Identification and Authentication", | ||||
475 | "uuid": "e37e0d76-3ea8-49e4-b65b-a5e2645a902a" | ||||
476 | }, | ||||
477 | { | ||||
478 | "category": "Identification And Authentication", | ||||
479 | "code": "IA-4", | ||||
480 | "label": "Identifier Management", | ||||
481 | "uuid": "23ab9d48-396c-4f20-9344-e6a6bd2439a2" | ||||
482 | }, | ||||
483 | { | ||||
484 | "category": "Identification And Authentication", | ||||
485 | "code": "IA-5", | ||||
486 | "label": "Authenticator Management", | ||||
487 | "uuid": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0" | ||||
488 | }, | ||||
489 | { | ||||
490 | "category": "Identification And Authentication", | ||||
491 | "code": "IA-6", | ||||
492 | "label": "Authenticator Feedback", | ||||
493 | "uuid": "1bf6a2b8-b728-49a2-953f-0a965d966db1" | ||||
494 | }, | ||||
495 | { | ||||
496 | "category": "Identification And Authentication", | ||||
497 | "code": "IA-7", | ||||
498 | "label": "Cryptographic Module Authentication", | ||||
499 | "uuid": "7c68c0c2-fea5-44d1-8580-5170edd92e22" | ||||
500 | }, | ||||
501 | { | ||||
502 | "category": "Identification And Authentication", | ||||
503 | "code": "IA-8", | ||||
504 | "label": "Identification and Authentication (Non-Organizational Users)", | ||||
505 | "uuid": "df6812ce-357b-44ae-8979-a663a85fa687" | ||||
506 | }, | ||||
507 | { | ||||
508 | "category": "Identification And Authentication", | ||||
509 | "code": "IA-9", | ||||
510 | "label": "Service Identification and Authentication", | ||||
511 | "uuid": "17a82de8-0490-4100-a4fb-2ad9af49d594" | ||||
512 | }, | ||||
513 | { | ||||
514 | "category": "Identification And Authentication", | ||||
515 | "code": "IA-10", | ||||
516 | "label": "Adaptive Authentication", | ||||
517 | "uuid": "f0b81b68-372d-4ced-9c6b-7d8ae3da799c" | ||||
518 | }, | ||||
519 | { | ||||
520 | "category": "Identification And Authentication", | ||||
521 | "code": "IA-11", | ||||
522 | "label": "Re-authentication", | ||||
523 | "uuid": "625e343d-7aa1-46e1-939b-50f5b8f5f5b4" | ||||
524 | }, | ||||
525 | { | ||||
526 | "category": "Identification And Authentication", | ||||
527 | "code": "IA-12", | ||||
528 | "label": "Identity Proofing", | ||||
529 | "uuid": "c183aff2-8e42-439c-9392-d6823321ec9e" | ||||
530 | }, | ||||
531 | { | ||||
532 | "category": "Individual Participation", | ||||
533 | "code": "IP-1", | ||||
534 | "label": "Individual Participation Policy and Procedures", | ||||
535 | "uuid": "b41dacdb-78d6-4744-bcae-5a46b95cfe04" | ||||
536 | }, | ||||
537 | { | ||||
538 | "category": "Individual Participation", | ||||
539 | "code": "IP-2", | ||||
540 | "label": "Consent", | ||||
541 | "uuid": "4123ace0-da01-431c-997c-bd03e3319f36" | ||||
542 | }, | ||||
543 | { | ||||
544 | "category": "Individual Participation", | ||||
545 | "code": "IP-3", | ||||
546 | "label": "Redress", | ||||
547 | "uuid": "72eed0db-aa5a-4677-899f-b56d01187c6e" | ||||
548 | }, | ||||
549 | { | ||||
550 | "category": "Individual Participation", | ||||
551 | "code": "IP-4", | ||||
552 | "label": "Privacy Notice", | ||||
553 | "uuid": "d351c523-45f7-405c-aa9e-eb4289dea021" | ||||
554 | }, | ||||
555 | { | ||||
556 | "category": "Individual Participation", | ||||
557 | "code": "IP-5", | ||||
558 | "label": "Privacy Act Statement", | ||||
559 | "uuid": "90b76f4c-10ec-4530-a7c8-b3d488d8886d" | ||||
560 | }, | ||||
561 | { | ||||
562 | "category": "Individual Participation", | ||||
563 | "code": "IP-6", | ||||
564 | "label": "Individual Access", | ||||
565 | "uuid": "67e6c588-aea1-47c7-a34e-e04bf91df582" | ||||
566 | }, | ||||
567 | { | ||||
568 | "category": "Incident Response", | ||||
569 | "code": "IR-1", | ||||
570 | "label": "Incident Response Policy and Procedures", | ||||
571 | "uuid": "74b14d2d-6320-4ac9-9b74-d93177dd4329" | ||||
572 | }, | ||||
573 | { | ||||
574 | "category": "Incident Response", | ||||
575 | "code": "IR-2", | ||||
576 | "label": "Incident Response Training", | ||||
577 | "uuid": "1476a1d4-f1f5-42ae-93a6-1227a89cb3e3" | ||||
578 | }, | ||||
579 | { | ||||
580 | "category": "Incident Response", | ||||
581 | "code": "IR-3", | ||||
582 | "label": "Incident Response Testing", | ||||
583 | "uuid": "e8449cab-54ae-4bd4-8b6e-de2820e8ec4b" | ||||
584 | }, | ||||
585 | { | ||||
586 | "category": "Incident Response", | ||||
587 | "code": "IR-4", | ||||
588 | "label": "Incident Handling", | ||||
589 | "uuid": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" | ||||
590 | }, | ||||
591 | { | ||||
592 | "category": "Incident Response", | ||||
593 | "code": "IR-5", | ||||
594 | "label": "Incident Monitoring", | ||||
595 | "uuid": "10213f53-5179-42f2-beb6-1364872d983d" | ||||
596 | }, | ||||
597 | { | ||||
598 | "category": "Incident Response", | ||||
599 | "code": "IR-6", | ||||
600 | "label": "Incident Reporting", | ||||
601 | "uuid": "69e93c59-0239-4bc8-8d5f-d2c65c706f46" | ||||
602 | }, | ||||
603 | { | ||||
604 | "category": "Incident Response", | ||||
605 | "code": "IR-7", | ||||
606 | "label": "Incident Response Assistance", | ||||
607 | "uuid": "54802539-1d62-43c3-8f7e-8c7e03087812" | ||||
608 | }, | ||||
609 | { | ||||
610 | "category": "Incident Response", | ||||
611 | "code": "IR-8", | ||||
612 | "label": "Incident Response Plan", | ||||
613 | "uuid": "c2260bd5-161f-4fb9-8496-0de50c2c3440" | ||||
614 | }, | ||||
615 | { | ||||
616 | "category": "Incident Response", | ||||
617 | "code": "IR-9", | ||||
618 | "label": "Information Spillage Response", | ||||
619 | "uuid": "e1211579-cdf4-4357-ba8a-3a5c46401837" | ||||
620 | }, | ||||
621 | { | ||||
622 | "category": "Incident Response", | ||||
623 | "code": "IR-10", | ||||
624 | "label": "Integrated Information Security Analysis Team", | ||||
625 | "uuid": "a781d945-be41-4457-aef9-5f1757031940" | ||||
626 | }, | ||||
627 | { | ||||
628 | "category": "Maintenance", | ||||
629 | "code": "MA-1", | ||||
630 | "label": "System Maintenance Policy and Procedures", | ||||
631 | "uuid": "7fb408ab-f358-489d-be81-5b9395da78a7" | ||||
632 | }, | ||||
633 | { | ||||
634 | "category": "Maintenance", | ||||
635 | "code": "MA-2", | ||||
636 | "label": "Controlled Maintenance", | ||||
637 | "uuid": "9d4a3657-457f-4223-adfe-d0b2df91ffc3" | ||||
638 | }, | ||||
639 | { | ||||
640 | "category": "Maintenance", | ||||
641 | "code": "MA-3", | ||||
642 | "label": "Maintenance Tools", | ||||
643 | "uuid": "508b0a74-cd81-4a65-b2c1-bb4c193adc53" | ||||
644 | }, | ||||
645 | { | ||||
646 | "category": "Maintenance", | ||||
647 | "code": "MA-4", | ||||
648 | "label": "Nonlocal Maintenance", | ||||
649 | "uuid": "a8768b25-29ff-4b0a-a61e-89a2dacb2ff8" | ||||
650 | }, | ||||
651 | { | ||||
652 | "category": "Maintenance", | ||||
653 | "code": "MA-5", | ||||
654 | "label": "Maintenance Personnel", | ||||
655 | "uuid": "be8d5a19-945d-4b26-9499-790193e65b06" | ||||
656 | }, | ||||
657 | { | ||||
658 | "category": "Maintenance", | ||||
659 | "code": "MA-6", | ||||
660 | "label": "Timely Maintenance", | ||||
661 | "uuid": "9368a916-1fac-4dd2-b621-751ef4483a72" | ||||
662 | }, | ||||
663 | { | ||||
664 | "category": "Media Protection", | ||||
665 | "code": "MP-1", | ||||
666 | "label": "Media Protection Policy and Procedures", | ||||
667 | "uuid": "bcc51690-d12c-41a8-bd76-6aae187a8afc" | ||||
668 | }, | ||||
669 | { | ||||
670 | "category": "Media Protection", | ||||
671 | "code": "MP-2", | ||||
672 | "label": "Media Access", | ||||
673 | "uuid": "14555491-0f15-428b-9ecd-836c6307675c" | ||||
674 | }, | ||||
675 | { | ||||
676 | "category": "Media Protection", | ||||
677 | "code": "MP-3", | ||||
678 | "label": "Media Marking", | ||||
679 | "uuid": "70ccf1af-4cad-443a-9dcd-9b49c4b6aec8" | ||||
680 | }, | ||||
681 | { | ||||
682 | "category": "Media Protection", | ||||
683 | "code": "MP-4", | ||||
684 | "label": "Media Storage", | ||||
685 | "uuid": "50272033-eb78-4309-84e0-303320d75b87" | ||||
686 | }, | ||||
687 | { | ||||
688 | "category": "Media Protection", | ||||
689 | "code": "MP-5", | ||||
690 | "label": "Media Transport", | ||||
691 | "uuid": "025d84e9-5612-404e-acf4-5d860c01a73c" | ||||
692 | }, | ||||
693 | { | ||||
694 | "category": "Media Protection", | ||||
695 | "code": "MP-6", | ||||
696 | "label": "Media Sanitization", | ||||
697 | "uuid": "b0779c7f-7db2-4af2-ab93-5c000a889408" | ||||
698 | }, | ||||
699 | { | ||||
700 | "category": "Media Protection", | ||||
701 | "code": "MP-7", | ||||
702 | "label": "Media Use", | ||||
703 | "uuid": "cc087e48-874b-4953-adcc-96fac3f19306" | ||||
704 | }, | ||||
705 | { | ||||
706 | "category": "Media Protection", | ||||
707 | "code": "MP-8", | ||||
708 | "label": "Media Downgrading", | ||||
709 | "uuid": "b6ed1637-26e3-4278-9552-89601f278d8c" | ||||
710 | }, | ||||
711 | { | ||||
712 | "category": "Privacy Authorization", | ||||
713 | "code": "PA-1", | ||||
714 | "label": "Privacy Authorization Policy and Procedures", | ||||
715 | "uuid": "5b92c7ee-202b-4de8-983c-74937b86b48f" | ||||
716 | }, | ||||
717 | { | ||||
718 | "category": "Privacy Authorization", | ||||
719 | "code": "PA-2", | ||||
720 | "label": "Authority to Collect", | ||||
721 | "uuid": "ee9525ea-a06f-4862-b6c8-c09fa266ea38" | ||||
722 | }, | ||||
723 | { | ||||
724 | "category": "Privacy Authorization", | ||||
725 | "code": "PA-3", | ||||
726 | "label": "Purpose Specification", | ||||
727 | "uuid": "dc814dd1-359d-4245-839c-5a1cdd6e1bad" | ||||
728 | }, | ||||
729 | { | ||||
730 | "category": "Privacy Authorization", | ||||
731 | "code": "PA-4", | ||||
732 | "label": "Information Sharing With External Parties", | ||||
733 | "uuid": "f7c64768-dc70-4e4d-b121-58f41bfde7c6" | ||||
734 | }, | ||||
735 | { | ||||
736 | "category": "Physical And Environmental Protection", | ||||
737 | "code": "PE-1", | ||||
738 | "label": "Physical and Environmental Protection Policy and Procedures", | ||||
739 | "uuid": "c1738677-3cae-4833-97b4-f2f3c04dd5e0" | ||||
740 | }, | ||||
741 | { | ||||
742 | "category": "Physical And Environmental Protection", | ||||
743 | "code": "PE-2", | ||||
744 | "label": "Physical Access Authorizations", | ||||
745 | "uuid": "e3d43ffd-1286-42c0-98fa-0e2e75d233e7" | ||||
746 | }, | ||||
747 | { | ||||
748 | "category": "Physical And Environmental Protection", | ||||
749 | "code": "PE-3", | ||||
750 | "label": "Physical Access Control", | ||||
751 | "uuid": "06679cfa-1bfd-436a-b99d-698fb275dfdb" | ||||
752 | }, | ||||
753 | { | ||||
754 | "category": "Physical And Environmental Protection", | ||||
755 | "code": "PE-4", | ||||
756 | "label": "Access Control for Transmission", | ||||
757 | "uuid": "f1dc5cba-17a8-4bee-aad0-d6b0ca84124d" | ||||
758 | }, | ||||
759 | { | ||||
760 | "category": "Physical And Environmental Protection", | ||||
761 | "code": "PE-5", | ||||
762 | "label": "Access Control for Output Devices", | ||||
763 | "uuid": "e8ed7158-ffc1-44a4-8673-80286ad97b36" | ||||
764 | }, | ||||
765 | { | ||||
766 | "category": "Physical And Environmental Protection", | ||||
767 | "code": "PE-6", | ||||
768 | "label": "Monitoring Physical Access", | ||||
769 | "uuid": "e48c2a77-93da-4afb-bde7-7bd957196286" | ||||
770 | }, | ||||
771 | { | ||||
772 | "category": "Physical And Environmental Protection", | ||||
773 | "code": "PE-8", | ||||
774 | "label": "Visitor Access Records", | ||||
775 | "uuid": "b3ee40ae-b296-4e88-9033-cb669e98f11c" | ||||
776 | }, | ||||
777 | { | ||||
778 | "category": "Physical And Environmental Protection", | ||||
779 | "code": "PE-9", | ||||
780 | "label": "Power Equipment and Cabling", | ||||
781 | "uuid": "7c9127dc-e0e8-4a6f-9cf9-82f5a7b18f37" | ||||
782 | }, | ||||
783 | { | ||||
784 | "category": "Physical And Environmental Protection", | ||||
785 | "code": "PE-10", | ||||
786 | "label": "Emergency Shutoff", | ||||
787 | "uuid": "990ee3a7-3044-4c8f-8387-946a7a9aba76" | ||||
788 | }, | ||||
789 | { | ||||
790 | "category": "Physical And Environmental Protection", | ||||
791 | "code": "PE-11", | ||||
792 | "label": "Emergency Power", | ||||
793 | "uuid": "6d3fbb99-fa7d-4c65-9c5f-928044a5840f" | ||||
794 | }, | ||||
795 | { | ||||
796 | "category": "Physical And Environmental Protection", | ||||
797 | "code": "PE-12", | ||||
798 | "label": "Emergency Lighting", | ||||
799 | "uuid": "5cf67afa-7a43-4dd4-b1db-dd28862a689c" | ||||
800 | }, | ||||
801 | { | ||||
802 | "category": "Physical And Environmental Protection", | ||||
803 | "code": "PE-13", | ||||
804 | "label": "Fire Protection", | ||||
805 | "uuid": "51e4fd6c-0aa8-4604-b13d-bf74c9706922" | ||||
806 | }, | ||||
807 | { | ||||
808 | "category": "Physical And Environmental Protection", | ||||
809 | "code": "PE-14", | ||||
810 | "label": "Temperature and Humidity Controls", | ||||
811 | "uuid": "9dda0a30-be3d-4752-867d-bf9570971c52" | ||||
812 | }, | ||||
813 | { | ||||
814 | "category": "Physical And Environmental Protection", | ||||
815 | "code": "PE-15", | ||||
816 | "label": "Water Damage Protection", | ||||
817 | "uuid": "6448f036-bdb2-4f21-8e30-0acf8073215d" | ||||
818 | }, | ||||
819 | { | ||||
820 | "category": "Physical And Environmental Protection", | ||||
821 | "code": "PE-16", | ||||
822 | "label": "Delivery and Removal", | ||||
823 | "uuid": "de6195c6-1fc1-423a-a748-785653c9324f" | ||||
824 | }, | ||||
825 | { | ||||
826 | "category": "Physical And Environmental Protection", | ||||
827 | "code": "PE-17", | ||||
828 | "label": "Alternate Work Site", | ||||
829 | "uuid": "aead24db-a196-4daf-a099-60b1d1991d70" | ||||
830 | }, | ||||
831 | { | ||||
832 | "category": "Physical And Environmental Protection", | ||||
833 | "code": "PE-18", | ||||
834 | "label": "Location of System Components", | ||||
835 | "uuid": "53ae3aa9-d88e-4f55-a040-375cfe348c48" | ||||
836 | }, | ||||
837 | { | ||||
838 | "category": "Physical And Environmental Protection", | ||||
839 | "code": "PE-19", | ||||
840 | "label": "Information Leakage", | ||||
841 | "uuid": "244cbc08-55d5-46ea-ba28-aec72f16b337" | ||||
842 | }, | ||||
843 | { | ||||
844 | "category": "Physical And Environmental Protection", | ||||
845 | "code": "PE-20", | ||||
846 | "label": "Asset Monitoring and Tracking", | ||||
847 | "uuid": "2fd70998-9247-4efd-923d-276f5c76b3b9" | ||||
848 | }, | ||||
849 | { | ||||
850 | "category": "Physical And Environmental Protection", | ||||
851 | "code": "PE-21", | ||||
852 | "label": "Electromagnetic Pulse Protection", | ||||
853 | "uuid": "b3523d09-add6-4b33-aa3e-6f780d83a9d6" | ||||
854 | }, | ||||
855 | { | ||||
856 | "category": "Physical And Environmental Protection", | ||||
857 | "code": "PE-22", | ||||
858 | "label": "Component Marking", | ||||
859 | "uuid": "cd7d903b-0282-4895-8501-47b568183e97" | ||||
860 | }, | ||||
861 | { | ||||
862 | "category": "Planning", | ||||
863 | "code": "PL-1", | ||||
864 | "label": "Planning Policy and Procedures", | ||||
865 | "uuid": "3c492512-da9f-4112-a76a-3e5cb0400e6f" | ||||
866 | }, | ||||
867 | { | ||||
868 | "category": "Planning", | ||||
869 | "code": "PL-2", | ||||
870 | "label": "Security and Privacy Plans", | ||||
871 | "uuid": "8047a1c6-e890-4817-982d-04fcdc2820a2" | ||||
872 | }, | ||||
873 | { | ||||
874 | "category": "Planning", | ||||
875 | "code": "PL-4", | ||||
876 | "label": "Rules of Behavior", | ||||
877 | "uuid": "7b481f8c-2485-40a8-aee7-03b39721e103" | ||||
878 | }, | ||||
879 | { | ||||
880 | "category": "Planning", | ||||
881 | "code": "PL-7", | ||||
882 | "label": "Concept of Operations", | ||||
883 | "uuid": "7f388f12-77ec-47bf-b816-79cb42086b09" | ||||
884 | }, | ||||
885 | { | ||||
886 | "category": "Planning", | ||||
887 | "code": "PL-8", | ||||
888 | "label": "Security and Privacy Architectures", | ||||
889 | "uuid": "3bffd1eb-e6a7-47ad-927a-0d679048ed5a" | ||||
890 | }, | ||||
891 | { | ||||
892 | "category": "Planning", | ||||
893 | "code": "PL-9", | ||||
894 | "label": "Central Management", | ||||
895 | "uuid": "5b9bdfcc-3150-4c4a-8b08-386d9a829585" | ||||
896 | }, | ||||
897 | { | ||||
898 | "category": "Planning", | ||||
899 | "code": "PL-10", | ||||
900 | "label": "Baseline Selection", | ||||
901 | "uuid": "5df5007e-c8cd-4cc8-845b-0d0bb0daf66f" | ||||
902 | }, | ||||
903 | { | ||||
904 | "category": "Planning", | ||||
905 | "code": "PL-11", | ||||
906 | "label": "Baseline Tailoring", | ||||
907 | "uuid": "828560f0-7ac9-4960-aed9-6d618173a663" | ||||
908 | }, | ||||
909 | { | ||||
910 | "category": "Program Management", | ||||
911 | "code": "PM-1", | ||||
912 | "label": "Information Security Program Plan", | ||||
913 | "uuid": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05" | ||||
914 | }, | ||||
915 | { | ||||
916 | "category": "Program Management", | ||||
917 | "code": "PM-2", | ||||
918 | "label": "Information Security Program Roles", | ||||
919 | "uuid": "293ebc1c-0452-41f8-ab14-101846241a47" | ||||
920 | }, | ||||
921 | { | ||||
922 | "category": "Program Management", | ||||
923 | "code": "PM-3", | ||||
924 | "label": "Information Security and Privacy Resources", | ||||
925 | "uuid": "898d7024-6d3f-4d9a-868f-34ea1e451801" | ||||
926 | }, | ||||
927 | { | ||||
928 | "category": "Program Management", | ||||
929 | "code": "PM-4", | ||||
930 | "label": "Plan of Action and Milestones Process", | ||||
931 | "uuid": "08327040-541f-40b4-a1cc-815d9298afe0" | ||||
932 | }, | ||||
933 | { | ||||
934 | "category": "Program Management", | ||||
935 | "code": "PM-5", | ||||
936 | "label": "System Inventory", | ||||
937 | "uuid": "515fb4c4-2a45-47b7-9a7a-5878f1bbad9c" | ||||
938 | }, | ||||
939 | { | ||||
940 | "category": "Program Management", | ||||
941 | "code": "PM-6", | ||||
942 | "label": "Measures of Performance", | ||||
943 | "uuid": "d5a60a37-684d-4b4b-b8a2-7d03814ff70d" | ||||
944 | }, | ||||
945 | { | ||||
946 | "category": "Program Management", | ||||
947 | "code": "PM-7", | ||||
948 | "label": "Enterprise Architecture", | ||||
949 | "uuid": "ecefd9da-a07c-41c2-9397-017e878bdb67" | ||||
950 | }, | ||||
951 | { | ||||
952 | "category": "Program Management", | ||||
953 | "code": "PM-8", | ||||
954 | "label": "Critical Infrastructure Plan", | ||||
955 | "uuid": "2d2a7dc6-2770-4897-ac0b-492e7ddd24ed" | ||||
956 | }, | ||||
957 | { | ||||
958 | "category": "Program Management", | ||||
959 | "code": "PM-9", | ||||
960 | "label": "Risk Management Strategy", | ||||
961 | "uuid": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" | ||||
962 | }, | ||||
963 | { | ||||
964 | "category": "Program Management", | ||||
965 | "code": "PM-10", | ||||
966 | "label": "Authorization Process", | ||||
967 | "uuid": "ec1457b8-d116-45a4-8c61-5b8ddba8a2b9" | ||||
968 | }, | ||||
969 | { | ||||
970 | "category": "Program Management", | ||||
971 | "code": "PM-11", | ||||
972 | "label": "Mission and Business Process Definition", | ||||
973 | "uuid": "9a4b8ede-d722-44b8-a04f-ae78cbd266ab" | ||||
974 | }, | ||||
975 | { | ||||
976 | "category": "Program Management", | ||||
977 | "code": "PM-12", | ||||
978 | "label": "Insider Threat Program", | ||||
979 | "uuid": "9a9f32cf-d951-4909-98fe-c6a936af3913" | ||||
980 | }, | ||||
981 | { | ||||
982 | "category": "Program Management", | ||||
983 | "code": "PM-13", | ||||
984 | "label": "Security and Privacy Workforce", | ||||
985 | "uuid": "b395f91d-24a4-4720-8534-3b491bb41002" | ||||
986 | }, | ||||
987 | { | ||||
988 | "category": "Program Management", | ||||
989 | "code": "PM-14", | ||||
990 | "label": "Testing, Training, and Monitoring", | ||||
991 | "uuid": "8ff7acc4-c71b-4e1d-89f3-0c7db4a5055f" | ||||
992 | }, | ||||
993 | { | ||||
994 | "category": "Program Management", | ||||
995 | "code": "PM-15", | ||||
996 | "label": "Contacts with Groups and Associations", | ||||
997 | "uuid": "e1219fd8-9db2-4297-99da-63be2b433aa8" | ||||
998 | }, | ||||
999 | { | ||||
1000 | "category": "Program Management", | ||||
1001 | "code": "PM-16", | ||||
1002 | "label": "Threat Awareness Program", | ||||
1003 | "uuid": "9dd48833-5045-4e37-aa9a-2b69ee11739d" | ||||
1004 | }, | ||||
1005 | { | ||||
1006 | "category": "Program Management", | ||||
1007 | "code": "PM-17", | ||||
1008 | "label": "Protecting Controlled Unclassified Information on External Systems", | ||||
1009 | "uuid": "e25168b6-fb5b-4ae7-a14c-6afc86246348" | ||||
1010 | }, | ||||
1011 | { | ||||
1012 | "category": "Program Management", | ||||
1013 | "code": "PM-18", | ||||
1014 | "label": "Privacy Program Plan", | ||||
1015 | "uuid": "ab16520f-0c45-404d-8852-df2722a96412" | ||||
1016 | }, | ||||
1017 | { | ||||
1018 | "category": "Program Management", | ||||
1019 | "code": "PM-19", | ||||
1020 | "label": "Privacy Program Roles", | ||||
1021 | "uuid": "8e3958aa-59c3-4c3e-9cf0-1283d783ec46" | ||||
1022 | }, | ||||
1023 | { | ||||
1024 | "category": "Program Management", | ||||
1025 | "code": "PM-20", | ||||
1026 | "label": "System of Records Notice", | ||||
1027 | "uuid": "3585bbce-5c3b-4a2a-8a53-5c4af9467365" | ||||
1028 | }, | ||||
1029 | { | ||||
1030 | "category": "Program Management", | ||||
1031 | "code": "PM-21", | ||||
1032 | "label": "Dissemination of Privacy Program Information", | ||||
1033 | "uuid": "41ad2d98-3dc5-4167-a8cf-869b3b53c495" | ||||
1034 | }, | ||||
1035 | { | ||||
1036 | "category": "Program Management", | ||||
1037 | "code": "PM-22", | ||||
1038 | "label": "Accounting of Disclosures", | ||||
1039 | "uuid": "d7d3d288-cd67-40ea-871a-4aa256262dbf" | ||||
1040 | }, | ||||
1041 | { | ||||
1042 | "category": "Program Management", | ||||
1043 | "code": "PM-23", | ||||
1044 | "label": "Data Quality Management", | ||||
1045 | "uuid": "a43a957c-c1ce-462f-87b8-bcb962a26991" | ||||
1046 | }, | ||||
1047 | { | ||||
1048 | "category": "Program Management", | ||||
1049 | "code": "PM-24", | ||||
1050 | "label": "Data Management Board", | ||||
1051 | "uuid": "9c603ddb-5850-42a9-85bd-641667182bed" | ||||
1052 | }, | ||||
1053 | { | ||||
1054 | "category": "Program Management", | ||||
1055 | "code": "PM-25", | ||||
1056 | "label": "Data Integrity Board", | ||||
1057 | "uuid": "54ca56bb-3a0e-47b9-8cdb-b28976481e54" | ||||
1058 | }, | ||||
1059 | { | ||||
1060 | "category": "Program Management", | ||||
1061 | "code": "PM-26", | ||||
1062 | "label": "Minimization of Personally Identifiable Information", | ||||
1063 | "uuid": "e2aa9575-d1f9-440c-a3ae-72f79489dd3c" | ||||
1064 | }, | ||||
1065 | { | ||||
1066 | "category": "Program Management", | ||||
1067 | "code": "PM-27", | ||||
1068 | "label": "Individual Access Control", | ||||
1069 | "uuid": "ce8a976a-536a-44ea-bb8b-bcf28a6931c8" | ||||
1070 | }, | ||||
1071 | { | ||||
1072 | "category": "Program Management", | ||||
1073 | "code": "PM-28", | ||||
1074 | "label": "Complaint Management", | ||||
1075 | "uuid": "15f0293a-cef3-4c58-a6cf-725f0ea044c5" | ||||
1076 | }, | ||||
1077 | { | ||||
1078 | "category": "Program Management", | ||||
1079 | "code": "PM-29", | ||||
1080 | "label": "Inventory of Personally Identifiable Information", | ||||
1081 | "uuid": "7f02ee88-5118-467b-bffc-c6176276db0a" | ||||
1082 | }, | ||||
1083 | { | ||||
1084 | "category": "Program Management", | ||||
1085 | "code": "PM-30", | ||||
1086 | "label": "Privacy Reporting", | ||||
1087 | "uuid": "a6ae4db0-5f77-4e60-ae47-fa721623bcdb" | ||||
1088 | }, | ||||
1089 | { | ||||
1090 | "category": "Program Management", | ||||
1091 | "code": "PM-31", | ||||
1092 | "label": "Supply Chain Risk Management Plan", | ||||
1093 | "uuid": "da890a6a-f2be-44f2-b3f2-4ac8e84cd66a" | ||||
1094 | }, | ||||
1095 | { | ||||
1096 | "category": "Program Management", | ||||
1097 | "code": "PM-32", | ||||
1098 | "label": "Risk Framing", | ||||
1099 | "uuid": "2c4575a5-0d0a-40f7-8b8f-8a1c1a67b1e4" | ||||
1100 | }, | ||||
1101 | { | ||||
1102 | "category": "Personnel Security", | ||||
1103 | "code": "PS-1", | ||||
1104 | "label": "Personnel Security Policy and Procedures", | ||||
1105 | "uuid": "3e6cdfcd-14f3-4b34-a6d4-62d677332806" | ||||
1106 | }, | ||||
1107 | { | ||||
1108 | "category": "Personnel Security", | ||||
1109 | "code": "PS-2", | ||||
1110 | "label": "Position Risk Designation", | ||||
1111 | "uuid": "fd87a967-2217-418d-8378-b0773b7ca356" | ||||
1112 | }, | ||||
1113 | { | ||||
1114 | "category": "Personnel Security", | ||||
1115 | "code": "PS-3", | ||||
1116 | "label": "Personnel Screening", | ||||
1117 | "uuid": "22faa4a0-2027-4150-8176-c77e84e3f03d" | ||||
1118 | }, | ||||
1119 | { | ||||
1120 | "category": "Personnel Security", | ||||
1121 | "code": "PS-4", | ||||
1122 | "label": "Personnel Termination", | ||||
1123 | "uuid": "4d28a85e-20d2-4186-995e-de48a90eebb4" | ||||
1124 | }, | ||||
1125 | { | ||||
1126 | "category": "Personnel Security", | ||||
1127 | "code": "PS-5", | ||||
1128 | "label": "Personnel Transfer", | ||||
1129 | "uuid": "db5781c8-b759-47de-9862-27b2d3c2b568" | ||||
1130 | }, | ||||
1131 | { | ||||
1132 | "category": "Personnel Security", | ||||
1133 | "code": "PS-6", | ||||
1134 | "label": "Access Agreements", | ||||
1135 | "uuid": "012149b7-7c59-4220-83bf-d6879a886f20" | ||||
1136 | }, | ||||
1137 | { | ||||
1138 | "category": "Personnel Security", | ||||
1139 | "code": "PS-7", | ||||
1140 | "label": "External Personnel Security", | ||||
1141 | "uuid": "54db3434-c9cc-4a09-90a0-7e94aa29ae61" | ||||
1142 | }, | ||||
1143 | { | ||||
1144 | "category": "Personnel Security", | ||||
1145 | "code": "PS-8", | ||||
1146 | "label": "Personnel Sanctions", | ||||
1147 | "uuid": "4b7824ea-dc4e-4938-9ebd-36b865f88585" | ||||
1148 | }, | ||||
1149 | { | ||||
1150 | "category": "Risk Assessment", | ||||
1151 | "code": "RA-1", | ||||
1152 | "label": "Risk Assessment Policy and Procedures", | ||||
1153 | "uuid": "675a9b3f-8abe-4b6f-948e-b701c2a02a84" | ||||
1154 | }, | ||||
1155 | { | ||||
1156 | "category": "Risk Assessment", | ||||
1157 | "code": "RA-2", | ||||
1158 | "label": "Security Categorization", | ||||
1159 | "uuid": "e30e5bc6-c3f4-4714-9c0a-6aed3e4daa6d" | ||||
1160 | }, | ||||
1161 | { | ||||
1162 | "category": "Risk Assessment", | ||||
1163 | "code": "RA-3", | ||||
1164 | "label": "Risk Assessment", | ||||
1165 | "uuid": "8a174f26-95ff-41dd-8042-039189065395" | ||||
1166 | }, | ||||
1167 | { | ||||
1168 | "category": "Risk Assessment", | ||||
1169 | "code": "RA-5", | ||||
1170 | "label": "Vulnerability Scanning", | ||||
1171 | "uuid": "9e62441a-c6d5-4707-a835-6230dc5b0d53" | ||||
1172 | }, | ||||
1173 | { | ||||
1174 | "category": "Risk Assessment", | ||||
1175 | "code": "RA-6", | ||||
1176 | "label": "Technical Surveillance Countermeasures Survey", | ||||
1177 | "uuid": "8bc26841-e02d-4eb6-9842-fbd30b5a9e6a" | ||||
1178 | }, | ||||
1179 | { | ||||
1180 | "category": "Risk Assessment", | ||||
1181 | "code": "RA-7", | ||||
1182 | "label": "Risk Response", | ||||
1183 | "uuid": "f19db716-460e-44f8-a2d2-304cbbe54b73" | ||||
1184 | }, | ||||
1185 | { | ||||
1186 | "category": "Risk Assessment", | ||||
1187 | "code": "RA-8", | ||||
1188 | "label": "Privacy Impact Assessment", | ||||
1189 | "uuid": "e54190a1-12f2-46d1-b36b-0e7b49b85e43" | ||||
1190 | }, | ||||
1191 | { | ||||
1192 | "category": "Risk Assessment", | ||||
1193 | "code": "RA-9", | ||||
1194 | "label": "Criticality Analysis", | ||||
1195 | "uuid": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" | ||||
1196 | }, | ||||
1197 | { | ||||
1198 | "category": "System And Services Acquisition", | ||||
1199 | "code": "SA-1", | ||||
1200 | "label": "System and Services Acquisition Policy and Procedures", | ||||
1201 | "uuid": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56" | ||||
1202 | }, | ||||
1203 | { | ||||
1204 | "category": "System And Services Acquisition", | ||||
1205 | "code": "SA-2", | ||||
1206 | "label": "Allocation of Resources", | ||||
1207 | "uuid": "54613df0-e745-4205-a828-827aca596814" | ||||
1208 | }, | ||||
1209 | { | ||||
1210 | "category": "System And Services Acquisition", | ||||
1211 | "code": "SA-3", | ||||
1212 | "label": "System Development Life Cycle", | ||||
1213 | "uuid": "d6871e86-4df5-4d80-8529-3ec214940b69" | ||||
1214 | }, | ||||
1215 | { | ||||
1216 | "category": "System And Services Acquisition", | ||||
1217 | "code": "SA-4", | ||||
1218 | "label": "Acquisition Process", | ||||
1219 | "uuid": "729aa83b-a59b-48a0-b0a0-c592402dcae7" | ||||
1220 | }, | ||||
1221 | { | ||||
1222 | "category": "System And Services Acquisition", | ||||
1223 | "code": "SA-5", | ||||
1224 | "label": "System Documentation", | ||||
1225 | "uuid": "d32c4960-9581-4717-9a02-690d61709153" | ||||
1226 | }, | ||||
1227 | { | ||||
1228 | "category": "System And Services Acquisition", | ||||
1229 | "code": "SA-8", | ||||
1230 | "label": "Security and Privacy Engineering Principles", | ||||
1231 | "uuid": "6fd6cc79-208a-4f2c-8a05-9adae75fd255" | ||||
1232 | }, | ||||
1233 | { | ||||
1234 | "category": "System And Services Acquisition", | ||||
1235 | "code": "SA-9", | ||||
1236 | "label": "External System Services", | ||||
1237 | "uuid": "64f93d70-568f-404a-a049-b7f37598ec66" | ||||
1238 | }, | ||||
1239 | { | ||||
1240 | "category": "System And Services Acquisition", | ||||
1241 | "code": "SA-10", | ||||
1242 | "label": "Developer Configuration Management", | ||||
1243 | "uuid": "769c7460-a4d0-45f3-a36e-4b8347526278" | ||||
1244 | }, | ||||
1245 | { | ||||
1246 | "category": "System And Services Acquisition", | ||||
1247 | "code": "SA-11", | ||||
1248 | "label": "Developer Testing and Evaluation", | ||||
1249 | "uuid": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15" | ||||
1250 | }, | ||||
1251 | { | ||||
1252 | "category": "System And Services Acquisition", | ||||
1253 | "code": "SA-12", | ||||
1254 | "label": "Supply Chain Risk Management", | ||||
1255 | "uuid": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6" | ||||
1256 | }, | ||||
1257 | { | ||||
1258 | "category": "System And Services Acquisition", | ||||
1259 | "code": "SA-15", | ||||
1260 | "label": "Development Process, Standards, and Tools", | ||||
1261 | "uuid": "650ec6f8-fbad-4fe7-a0db-62d3861a5372" | ||||
1262 | }, | ||||
1263 | { | ||||
1264 | "category": "System And Services Acquisition", | ||||
1265 | "code": "SA-16", | ||||
1266 | "label": "Developer-Provided Training", | ||||
1267 | "uuid": "6c3aaa6d-9e7c-4dd3-b753-ba11c11ae5a6" | ||||
1268 | }, | ||||
1269 | { | ||||
1270 | "category": "System And Services Acquisition", | ||||
1271 | "code": "SA-17", | ||||
1272 | "label": "Developer Security Architecture and Design", | ||||
1273 | "uuid": "95f027c8-c84f-474f-bd23-872f96e00dc9" | ||||
1274 | }, | ||||
1275 | { | ||||
1276 | "category": "System And Services Acquisition", | ||||
1277 | "code": "SA-18", | ||||
1278 | "label": "Tamper Resistance and Detection", | ||||
1279 | "uuid": "280c9bba-f2e4-401f-911a-cdab227ac433" | ||||
1280 | }, | ||||
1281 | { | ||||
1282 | "category": "System And Services Acquisition", | ||||
1283 | "code": "SA-19", | ||||
1284 | "label": "Component Authenticity", | ||||
1285 | "uuid": "bf85f2a4-2b80-4ae9-b4b5-5c2084c04061" | ||||
1286 | }, | ||||
1287 | { | ||||
1288 | "category": "System And Services Acquisition", | ||||
1289 | "code": "SA-20", | ||||
1290 | "label": "Customized Development of Critical Components", | ||||
1291 | "uuid": "6a025dc5-0215-4e6d-a637-554dadeee055" | ||||
1292 | }, | ||||
1293 | { | ||||
1294 | "category": "System And Services Acquisition", | ||||
1295 | "code": "SA-21", | ||||
1296 | "label": "Developer Screening", | ||||
1297 | "uuid": "7277cac1-5813-4356-b108-72fe5263f8c3" | ||||
1298 | }, | ||||
1299 | { | ||||
1300 | "category": "System And Services Acquisition", | ||||
1301 | "code": "SA-22", | ||||
1302 | "label": "Unsupported System Components", | ||||
1303 | "uuid": "b39366a0-a64c-4b2f-b414-3798db55ecbd" | ||||
1304 | }, | ||||
1305 | { | ||||
1306 | "category": "System And Communications Protection", | ||||
1307 | "code": "SC-1", | ||||
1308 | "label": "System and Communications Protection Policy and Procedures", | ||||
1309 | "uuid": "11fe35fa-d904-4137-9961-307097961e0c" | ||||
1310 | }, | ||||
1311 | { | ||||
1312 | "category": "System And Communications Protection", | ||||
1313 | "code": "SC-2", | ||||
1314 | "label": "Application Partitioning", | ||||
1315 | "uuid": "48a48a13-9de4-4284-adba-4dbdca2ff535" | ||||
1316 | }, | ||||
1317 | { | ||||
1318 | "category": "System And Communications Protection", | ||||
1319 | "code": "SC-3", | ||||
1320 | "label": "Security Function Isolation", | ||||
1321 | "uuid": "44defc1c-50d1-43a3-9ffe-c85213ef031a" | ||||
1322 | }, | ||||
1323 | { | ||||
1324 | "category": "System And Communications Protection", | ||||
1325 | "code": "SC-4", | ||||
1326 | "label": "Information in Shared Systems Resources", | ||||
1327 | "uuid": "bfd580de-f47b-43b4-9470-7416ff778c72" | ||||
1328 | }, | ||||
1329 | { | ||||
1330 | "category": "System And Communications Protection", | ||||
1331 | "code": "SC-5", | ||||
1332 | "label": "Denial of Service Protection", | ||||
1333 | "uuid": "f929ec71-03e0-40a2-92eb-4078894a18a2" | ||||
1334 | }, | ||||
1335 | { | ||||
1336 | "category": "System And Communications Protection", | ||||
1337 | "code": "SC-6", | ||||
1338 | "label": "Resource Availability", | ||||
1339 | "uuid": "76c33e82-04e2-4ee5-88c6-40939d8349a7" | ||||
1340 | }, | ||||
1341 | { | ||||
1342 | "category": "System And Communications Protection", | ||||
1343 | "code": "SC-7", | ||||
1344 | "label": "Boundary Protection", | ||||
1345 | "uuid": "a6586afd-bc0f-4334-88da-615989665368" | ||||
1346 | }, | ||||
1347 | { | ||||
1348 | "category": "System And Communications Protection", | ||||
1349 | "code": "SC-8", | ||||
1350 | "label": "Transmission Confidentiality and Integrity", | ||||
1351 | "uuid": "583129dc-d3e3-49c3-8ee9-3fbf18e020de" | ||||
1352 | }, | ||||
1353 | { | ||||
1354 | "category": "System And Communications Protection", | ||||
1355 | "code": "SC-10", | ||||
1356 | "label": "Network Disconnect", | ||||
1357 | "uuid": "09932f73-e48b-4d2b-bced-733f4039902e" | ||||
1358 | }, | ||||
1359 | { | ||||
1360 | "category": "System And Communications Protection", | ||||
1361 | "code": "SC-11", | ||||
1362 | "label": "Trusted Path", | ||||
1363 | "uuid": "282a9038-ea94-420f-bbaf-fe4abc7addce" | ||||
1364 | }, | ||||
1365 | { | ||||
1366 | "category": "System And Communications Protection", | ||||
1367 | "code": "SC-12", | ||||
1368 | "label": "Cryptographic Key Establishment and Management", | ||||
1369 | "uuid": "6726eb21-52f9-4922-a1d6-50c098ddba74" | ||||
1370 | }, | ||||
1371 | { | ||||
1372 | "category": "System And Communications Protection", | ||||
1373 | "code": "SC-13", | ||||
1374 | "label": "Cryptographic Protection", | ||||
1375 | "uuid": "edd532b7-577e-441b-820c-3b73fbd11c79" | ||||
1376 | }, | ||||
1377 | { | ||||
1378 | "category": "System And Communications Protection", | ||||
1379 | "code": "SC-15", | ||||
1380 | "label": "Collaborative Computing Devices and Applications", | ||||
1381 | "uuid": "d44c41d6-5fa9-4fac-9751-a8236a103c35" | ||||
1382 | }, | ||||
1383 | { | ||||
1384 | "category": "System And Communications Protection", | ||||
1385 | "code": "SC-16", | ||||
1386 | "label": "Transmission of Security and Privacy Attributes", | ||||
1387 | "uuid": "35964415-2e6b-4a69-b04b-5e0208872f56" | ||||
1388 | }, | ||||
1389 | { | ||||
1390 | "category": "System And Communications Protection", | ||||
1391 | "code": "SC-17", | ||||
1392 | "label": "Public Key Infrastructure Certificates", | ||||
1393 | "uuid": "c2f67a16-dc82-4d43-a71b-63e2143f9b73" | ||||
1394 | }, | ||||
1395 | { | ||||
1396 | "category": "System And Communications Protection", | ||||
1397 | "code": "SC-18", | ||||
1398 | "label": "Mobile Code", | ||||
1399 | "uuid": "6f766bc2-750a-4249-89c9-39cf288143d5" | ||||
1400 | }, | ||||
1401 | { | ||||
1402 | "category": "System And Communications Protection", | ||||
1403 | "code": "SC-19", | ||||
1404 | "label": "Voice Over Internet Protocol", | ||||
1405 | "uuid": "a33021fe-acc7-43cb-9556-8d0ccfe41cf1" | ||||
1406 | }, | ||||
1407 | { | ||||
1408 | "category": "System And Communications Protection", | ||||
1409 | "code": "SC-20", | ||||
1410 | "label": "Secure Name / Address Resolution Service (Authoritative Source)", | ||||
1411 | "uuid": "4797690e-c2e2-4106-878e-14d789fe1b06" | ||||
1412 | }, | ||||
1413 | { | ||||
1414 | "category": "System And Communications Protection", | ||||
1415 | "code": "SC-21", | ||||
1416 | "label": "Secure Name / Address Resolution Service (Recursive or Caching Resolver)", | ||||
1417 | "uuid": "6938d14b-381c-4077-9505-7c33c62b6e34" | ||||
1418 | }, | ||||
1419 | { | ||||
1420 | "category": "System And Communications Protection", | ||||
1421 | "code": "SC-22", | ||||
1422 | "label": "Architecture and Provisioning for Name / Address Resolution Service", | ||||
1423 | "uuid": "ac363e88-daae-4198-aa53-f704e103ef02" | ||||
1424 | }, | ||||
1425 | { | ||||
1426 | "category": "System And Communications Protection", | ||||
1427 | "code": "SC-23", | ||||
1428 | "label": "Session Authenticity", | ||||
1429 | "uuid": "d80f59b0-9c5f-4ca8-b18f-9e07f791e66e" | ||||
1430 | }, | ||||
1431 | { | ||||
1432 | "category": "System And Communications Protection", | ||||
1433 | "code": "SC-24", | ||||
1434 | "label": "Fail in Known State", | ||||
1435 | "uuid": "a3829b6b-d219-4f77-9da6-528349ddd6e4" | ||||
1436 | }, | ||||
1437 | { | ||||
1438 | "category": "System And Communications Protection", | ||||
1439 | "code": "SC-25", | ||||
1440 | "label": "Thin Nodes", | ||||
1441 | "uuid": "6eadc9b8-2337-4847-ace5-f68686199ee7" | ||||
1442 | }, | ||||
1443 | { | ||||
1444 | "category": "System And Communications Protection", | ||||
1445 | "code": "SC-26", | ||||
1446 | "label": "Honeypots", | ||||
1447 | "uuid": "61ba9758-69d7-4794-a425-187b9ab3750e" | ||||
1448 | }, | ||||
1449 | { | ||||
1450 | "category": "System And Communications Protection", | ||||
1451 | "code": "SC-27", | ||||
1452 | "label": "Platform-Independent Applications", | ||||
1453 | "uuid": "65261ecf-bb17-4e63-af33-46b0084bb27a" | ||||
1454 | }, | ||||
1455 | { | ||||
1456 | "category": "System And Communications Protection", | ||||
1457 | "code": "SC-28", | ||||
1458 | "label": "Protection of Information At Rest", | ||||
1459 | "uuid": "a35f7748-5868-46cd-9dea-b4e87fde8311" | ||||
1460 | }, | ||||
1461 | { | ||||
1462 | "category": "System And Communications Protection", | ||||
1463 | "code": "SC-29", | ||||
1464 | "label": "Heterogeneity", | ||||
1465 | "uuid": "d9e23dad-dcf3-4def-86e9-5af6a6d631ce" | ||||
1466 | }, | ||||
1467 | { | ||||
1468 | "category": "System And Communications Protection", | ||||
1469 | "code": "SC-30", | ||||
1470 | "label": "Concealment and Misdirection", | ||||
1471 | "uuid": "84eca642-948e-466e-91cf-509f6f4b74fa" | ||||
1472 | }, | ||||
1473 | { | ||||
1474 | "category": "System And Communications Protection", | ||||
1475 | "code": "SC-31", | ||||
1476 | "label": "Covert Channel Analysis", | ||||
1477 | "uuid": "716c6729-ab0f-4334-a9e6-278dea6a702b" | ||||
1478 | }, | ||||
1479 | { | ||||
1480 | "category": "System And Communications Protection", | ||||
1481 | "code": "SC-32", | ||||
1482 | "label": "System Partitioning", | ||||
1483 | "uuid": "41ba0004-50a7-44bb-9ca4-5f84ce06e4c0" | ||||
1484 | }, | ||||
1485 | { | ||||
1486 | "category": "System And Communications Protection", | ||||
1487 | "code": "SC-34", | ||||
1488 | "label": "Non-Modifiable Executable Programs", | ||||
1489 | "uuid": "158f92a7-c6fe-4f88-bf35-b6ea4163ff28" | ||||
1490 | }, | ||||
1491 | { | ||||
1492 | "category": "System And Communications Protection", | ||||
1493 | "code": "SC-35", | ||||
1494 | "label": "Honeyclients", | ||||
1495 | "uuid": "d7baf2e4-8155-4e33-aa3b-4474252c4de4" | ||||
1496 | }, | ||||
1497 | { | ||||
1498 | "category": "System And Communications Protection", | ||||
1499 | "code": "SC-36", | ||||
1500 | "label": "Distributed Processing and Storage", | ||||
1501 | "uuid": "f3a16482-f15d-49ea-b206-b3f7400513fd" | ||||
1502 | }, | ||||
1503 | { | ||||
1504 | "category": "System And Communications Protection", | ||||
1505 | "code": "SC-37", | ||||
1506 | "label": "Out-of-Band Channels", | ||||
1507 | "uuid": "108a06d5-4b5d-4728-9823-d106445d8880" | ||||
1508 | }, | ||||
1509 | { | ||||
1510 | "category": "System And Communications Protection", | ||||
1511 | "code": "SC-38", | ||||
1512 | "label": "Operations Security", | ||||
1513 | "uuid": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2" | ||||
1514 | }, | ||||
1515 | { | ||||
1516 | "category": "System And Communications Protection", | ||||
1517 | "code": "SC-39", | ||||
1518 | "label": "Process Isolation", | ||||
1519 | "uuid": "be303727-2dc9-4e23-a026-282fa8012ed6" | ||||
1520 | }, | ||||
1521 | { | ||||
1522 | "category": "System And Communications Protection", | ||||
1523 | "code": "SC-40", | ||||
1524 | "label": "Wireless Link Protection", | ||||
1525 | "uuid": "714ae5c2-00a0-4163-b949-699dfd3ab8a0" | ||||
1526 | }, | ||||
1527 | { | ||||
1528 | "category": "System And Communications Protection", | ||||
1529 | "code": "SC-41", | ||||
1530 | "label": "Port and I/O Device Access", | ||||
1531 | "uuid": "f98811b7-6972-4372-96b0-4f13bb8d49d6" | ||||
1532 | }, | ||||
1533 | { | ||||
1534 | "category": "System And Communications Protection", | ||||
1535 | "code": "SC-42", | ||||
1536 | "label": "Sensor Capability and Data", | ||||
1537 | "uuid": "d6dbd662-e58c-4422-b591-d7b0be5d73fd" | ||||
1538 | }, | ||||
1539 | { | ||||
1540 | "category": "System And Communications Protection", | ||||
1541 | "code": "SC-43", | ||||
1542 | "label": "Usage Restrictions", | ||||
1543 | "uuid": "b5a7b5c7-6c5b-4014-b30c-6fe8325b564c" | ||||
1544 | }, | ||||
1545 | { | ||||
1546 | "category": "System And Communications Protection", | ||||
1547 | "code": "SC-44", | ||||
1548 | "label": "Detonation Chambers", | ||||
1549 | "uuid": "d8aa0a75-a5b2-4556-9664-5b1d5ea7419c" | ||||
1550 | }, | ||||
1551 | { | ||||
1552 | "category": "System And Information Integrity", | ||||
1553 | "code": "SI-1", | ||||
1554 | "label": "System and Information Integrity Policy and Procedures", | ||||
1555 | "uuid": "96e2a11b-1b39-4903-be42-374102c930df" | ||||
1556 | }, | ||||
1557 | { | ||||
1558 | "category": "System And Information Integrity", | ||||
1559 | "code": "SI-2", | ||||
1560 | "label": "Flaw Remediation", | ||||
1561 | "uuid": "83caa43e-7179-4477-8665-66d47d058417" | ||||
1562 | }, | ||||
1563 | { | ||||
1564 | "category": "System And Information Integrity", | ||||
1565 | "code": "SI-3", | ||||
1566 | "label": "Malicious Code Protection", | ||||
1567 | "uuid": "15dfbe37-4a2d-4df7-b00c-f558524b561c" | ||||
1568 | }, | ||||
1569 | { | ||||
1570 | "category": "System And Information Integrity", | ||||
1571 | "code": "SI-4", | ||||
1572 | "label": "System Monitoring", | ||||
1573 | "uuid": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" | ||||
1574 | }, | ||||
1575 | { | ||||
1576 | "category": "System And Information Integrity", | ||||
1577 | "code": "SI-5", | ||||
1578 | "label": "Security Alerts, Advisories, and Directives", | ||||
1579 | "uuid": "3d9c8de5-f6f2-4a5d-8093-74849dc24a82" | ||||
1580 | }, | ||||
1581 | { | ||||
1582 | "category": "System And Information Integrity", | ||||
1583 | "code": "SI-6", | ||||
1584 | "label": "Security and Privacy Function Verification", | ||||
1585 | "uuid": "fa2d6a81-6a4e-41c7-91da-9024f91a7685" | ||||
1586 | }, | ||||
1587 | { | ||||
1588 | "category": "System And Information Integrity", | ||||
1589 | "code": "SI-7", | ||||
1590 | "label": "Software, Firmware, and Information Integrity", | ||||
1591 | "uuid": "b4f2c588-db91-4ad4-8122-9d3805a8a54a" | ||||
1592 | }, | ||||
1593 | { | ||||
1594 | "category": "System And Information Integrity", | ||||
1595 | "code": "SI-8", | ||||
1596 | "label": "Spam Protection", | ||||
1597 | "uuid": "8cf0e5df-fb43-4dd0-a65e-d635d5902ffc" | ||||
1598 | }, | ||||
1599 | { | ||||
1600 | "category": "System And Information Integrity", | ||||
1601 | "code": "SI-10", | ||||
1602 | "label": "Information Input Validation", | ||||
1603 | "uuid": "b3fef043-6788-406c-857f-788a044344a3" | ||||
1604 | }, | ||||
1605 | { | ||||
1606 | "category": "System And Information Integrity", | ||||
1607 | "code": "SI-11", | ||||
1608 | "label": "Error Handling", | ||||
1609 | "uuid": "16a412c2-2f76-4b61-917b-cb5372626bb2" | ||||
1610 | }, | ||||
1611 | { | ||||
1612 | "category": "System And Information Integrity", | ||||
1613 | "code": "SI-12", | ||||
1614 | "label": "Information Handling and Retention", | ||||
1615 | "uuid": "2fd75399-324e-40ed-9a82-80089816f398" | ||||
1616 | }, | ||||
1617 | { | ||||
1618 | "category": "System And Information Integrity", | ||||
1619 | "code": "SI-13", | ||||
1620 | "label": "Predictable Failure Prevention", | ||||
1621 | "uuid": "1f5c3fc5-4d27-4018-9f49-ca7edc61d5b4" | ||||
1622 | }, | ||||
1623 | { | ||||
1624 | "category": "System And Information Integrity", | ||||
1625 | "code": "SI-14", | ||||
1626 | "label": "Non-Persistence", | ||||
1627 | "uuid": "fc3d8c4c-8ced-4f4a-8ad0-a1ae01b35a21" | ||||
1628 | }, | ||||
1629 | { | ||||
1630 | "category": "System And Information Integrity", | ||||
1631 | "code": "SI-15", | ||||
1632 | "label": "Information Output Filtering", | ||||
1633 | "uuid": "039e5e9e-19cf-436b-b4fd-d0cfa4547110" | ||||
1634 | }, | ||||
1635 | { | ||||
1636 | "category": "System And Information Integrity", | ||||
1637 | "code": "SI-16", | ||||
1638 | "label": "Memory Protection", | ||||
1639 | "uuid": "9e1e9b36-aa61-4d54-a07c-2c74c341282c" | ||||
1640 | }, | ||||
1641 | { | ||||
1642 | "category": "System And Information Integrity", | ||||
1643 | "code": "SI-17", | ||||
1644 | "label": "Fail-Safe Procedures", | ||||
1645 | "uuid": "f2787cae-deb0-4090-9ed7-866b15d96df2" | ||||
1646 | }, | ||||
1647 | { | ||||
1648 | "category": "System And Information Integrity", | ||||
1649 | "code": "SI-18", | ||||
1650 | "label": "Information Disposal", | ||||
1651 | "uuid": "bf1d6c37-e1e1-4c78-8055-79a364219193" | ||||
1652 | }, | ||||
1653 | { | ||||
1654 | "category": "System And Information Integrity", | ||||
1655 | "code": "SI-19", | ||||
1656 | "label": "Data Quality Operations", | ||||
1657 | "uuid": "bca47b93-453b-47d8-8527-16c4fdd8f6e5" | ||||
1658 | }, | ||||
1659 | { | ||||
1660 | "category": "System And Information Integrity", | ||||
1661 | "code": "SI-20", | ||||
1662 | "label": "De-Identification", | ||||
1663 | "uuid": "5c1413f5-14f3-48bc-b371-5fda85e52cb8" | ||||
1664 | } | ||||
1665 | ], | ||||
1666 | "version": 5 | ||||
1667 | } |