Search by property

This page provides a simple browsing interface for finding entities described by a property and a named value. Other available search interfaces include the page property search, and the ask query builder.

List of results

• Category:RS.CO-4: Coordination with stakeholders occurs consistent with response plans  + (03:24:56, 23 October 2023)
• Category:ID.RA-1: Asset vulnerabilities are identified and documented  + (03:24:56, 23 October 2023)
• Category:PR.IP-4: Backups of information are conducted, maintained, and tested  + (03:24:56, 23 October 2023)
• Category:ID.RA-5: Threats, vulnerabilities, likelihoods, and impacts are used to determine risk  + (03:24:56, 23 October 2023)
• Category:RS.AN-3: Forensics are performed  + (03:24:56, 23 October 2023)
• Category:Communications (RS.CO)  + (03:24:57, 23 October 2023)
• Category:RS.CO-2: Incidents are reported consistent with established criteria  + (03:24:57, 23 October 2023)
• Category:DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed  + (03:24:57, 23 October 2023)
• Category:PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)  + (03:24:57, 23 October 2023)
• Category:PR.IP-6: Data is destroyed according to policy  + (03:24:57, 23 October 2023)
• Category:RESPOND (RS)  + (03:24:57, 23 October 2023)
• Category:PR.DS-3: Assets are formally managed throughout removal, transfers, and disposition  + (03:24:58, 23 October 2023)
• Category:Risk Assessment (ID.RA)  + (03:24:58, 23 October 2023)
• Category:ID.GV-1: Organizational cybersecurity policy is established and communicated  + (03:24:58, 23 October 2023)
• Category:RS.IM-1: Response plans incorporate lessons learned  + (03:24:58, 23 October 2023)
• Category:ID.GV-4: Governance and risk management processes address cybersecurity risks  + (03:24:58, 23 October 2023)
• Category:Information Protection Processes and Procedures (PR.IP)  + (03:24:59, 23 October 2023)
• Category:ID.RA-6: Risk responses are identified and prioritized  + (03:24:59, 23 October 2023)
• Category:Improvements (RC.IM)  + (03:24:59, 23 October 2023)
• Category:DE.DP-1: Roles and responsibilities for detection are well defined to ensure accountability  + (03:24:59, 23 October 2023)
• Category:ID.AM-3: Organizational communication and data flows are mapped  + (03:24:59, 23 October 2023)
• Category:ID.RA-3: Threats, both internal and external, are identified and documented  + (03:25:00, 23 October 2023)
• Category:DE.DP-3: Detection processes are tested  + (03:25:00, 23 October 2023)
• Category:DE.CM-5: Unauthorized mobile code is detected  + (03:25:00, 23 October 2023)
• Category:PR.DS-1: Data-at-rest is protected  + (03:25:00, 23 October 2023)
• Category:Recovery Planning (RC.RP)  + (03:25:00, 23 October 2023)

• Category:Asset Management (ID.AM)  + (03:25:01, 23 October 2023)
• Category:PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access  + (03:25:01, 23 October 2023)
• Category:PR.PT-3: The principle of least functionality is incorporated by configuring systems to provide only essential capabilities  + (03:25:01, 23 October 2023)

• Category:PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties  + (03:25:02, 23 October 2023)
• Category:DE.CM-1: The network is monitored to detect potential cybersecurity events  + (03:25:02, 23 October 2023)
• Category:ID.BE-1: The organization’s role in the supply chain is identified and communicated  + (03:25:03, 23 October 2023)
• Category:ID.AM-1: Physical devices and systems within the organization are inventoried  + (03:25:03, 23 October 2023)
• Category:PR.IP-9: Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed  + (03:25:04, 23 October 2023)
• Category:Protective Technology (PR.PT)  + (03:25:05, 23 October 2023)
• Category:PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions  + (03:25:05, 23 October 2023)
• Category:RS.RP-1: Response plan is executed during or after an incident  + (03:25:05, 23 October 2023)
• Category:PR.PT-4: Communications and control networks are protected  + (03:25:05, 23 October 2023)
• Category:DE.AE-3: Event data are collected and correlated from multiple sources and sensors  + (03:25:06, 23 October 2023)
• Category:PROTECT (PR)  + (03:25:06, 23 October 2023)
• Category:Security Continuous Monitoring (DE.CM)  + (03:25:06, 23 October 2023)
• Category:PR.PT-2: Removable media is protected and its use restricted according to policy  + (03:25:06, 23 October 2023)
• Category:PR.AT-3: Third-party stakeholders (e.g., suppliers, customers, partners) understand their roles and responsibilities  + (03:25:06, 23 October 2023)
• Category:DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events  + (03:25:07, 23 October 2023)
• Category:PR.DS-8: Integrity checking mechanisms are used to verify hardware integrity  + (03:25:07, 23 October 2023)
• Category:DE.CM-2: The physical environment is monitored to detect potential cybersecurity events  + (03:25:07, 23 October 2023)
• Category:PR.AT-5: Physical and cybersecurity personnel understand their roles and responsibilities  + (03:25:07, 23 October 2023)
• Category:Anomolies and Events (DE.AE)  + (03:25:07, 23 October 2023)
• Category:ID.GV-3: Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed  + (03:25:08, 23 October 2023)
• Category:PR.IP-7: Protection processes are improved  + (03:25:08, 23 October 2023)
• Category:ID.AM-6: Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established  + (03:25:08, 23 October 2023)
• Category:ID.BE-2: The organization’s place in critical infrastructure and its industry sector is identified and communicated  + (03:25:08, 23 October 2023)
• Category:Identity Management, Authentication and Access Control (PR.AC)  + (03:25:08, 23 October 2023)