Académique Documents
Professionnel Documents
Culture Documents
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
AC-1
AC-2
Account Management
X
X
AC-2
(1)
AC-2
(2)
AC-2
(3)
AC-2
(4)
AC-2
(5)
AC-2
(7)
AC-2
(9)
AC-2
(10)
AC-2
(12)
AC-3
AC-4
AC-4
(21)
AC-5
Account Management |
Account Management |
Account Management |
Account Management |
Groups / Accounts
Account Management |
Credential Termination
Account Management |
Usage
X
X
X
X
Access Enforcement
Information Flow Enforcement
Information Flow Enforcement | Physical / Logical
Separation of Information Flows
Separation of Duties
X
X
X
X
ID
AC-6
CONTROL TITLE
Least Privilege
AC-6
(1)
AC-6
(2)
AC-6
(5)
AC-6
(9)
AC-6
(10)
AC-7
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
X
X
X
X
X
ID
CONTROL TITLE
AC-8
AC-10
AC-11
AC-11
(1)
AC-12
AC-14
AC-17
AC-17
(1)
AC-17
(2)
AC-17
(3)
AC-17
(4)
AC-17
(9)
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
Session Lock
Session Termination
Permitted Actions Without Identification or
Remote Access
Remote Access | Automated Monitoring / Control
Remote Access | Protection of Confidentiality / Integrity
Using Encryption
Remote Access | Managed Access Control Points
Remote Access | Privileged Commands / Access
Remote Access | Disconnect / Disable Access
X
X
X
X
X
X
X
X
X
X
X
ID
AC-18
AC-18
(1)
AC-19
AC-19
(5)
AC-20
AC-20
(1)
AC-20
(2)
AC-21
AC-22
AT-1
AT-2
CONTROL TITLE
Wireless Access
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
Information Sharing
Publicly Accessible Content
Awareness and Training (AT)
Security Awareness and Training Policy and
Procedures
Security Awareness Training
X
X
X
X
X
X
X
X
X
AT-3
X
X
AT-4
AU-1
AT-2 (2)
ID
AU-2
AU-2
(3)
AU-3
AU-3
(1)
AU-4
CONTROL TITLE
Audit Events
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
ID
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
AU-5
AU-6
AU-6
(1)
AU-6
(3)
AU-7
AU-7
(1)
AU-8
AU-8
(1)
AU-9
AU-9
(2)
AU-9
(4)
AU-11
X
X
X
X
Time Stamps
X
X
X
X
X
X
ID
AU-12
CA-1
CA-2
CA-2
(1)
CA-2
(2)
CA-2
(3)
CA-3
CONTROL TITLE
Audit Generation
System Interconnections
CA-3
(3)
CA-3
(5)
CA-5
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
X
X
X
X
X
ID
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
CA-6
Security Authorization
CA-7
Continuous Monitoring
CA-7
(1)
CA-8
CA-8
(1)
CA-9
CM-1
CM-2
CM-2
(1)
X
X
X
Penetration Testing
Penetration Testing | Independent Penetration Agent or
Team
X
X
ID
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
CM-2(2)
CM-2
(3)
CM-2
(7)
CM-3
CM-4
CM-5
CM-5
(1)
CM-5
(3)
CM-5
(5)
X
X
X
X
X
X
ID
CM-6
CM-6
(1)
CM-7
CM-7
(1)
CONTROL TITLE
Configuration Settings
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
Least Functionality
ID
CM-7
(2)
CM-7
(5)
CM-8
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
CM-8
(1)
CM-8
(3)
CM-8
(5)
CM-9
CM-10
X
X
ID
CM-10
(1)
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
CM-11
User-Installed Software
CP-1
CP-2
Contingency Plan
CP-2 (1)
CP-2 (2)
CP-2 (3)
X
X
X
CP-3
Contingency Training
X
X
CP-4
CP-2 (8)
CP-4 (1)
CP-6
CP-6 (1)
CP-6 (3)
X
X
X
X
CP-3.a. [ 10 days]
CP-3.c. [at least annually]
CP-4a. [at least annually for moderate impact
systems; at least every three years for low impact
systems] [functional exercises for moderate
impact systems; classroom exercises/table top
written tests for low impact systems]
ID
CP-7
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
CP-7 (1)
CP-7 (2)
CP-7 (3)
X
X
X
CP-8
CP-8 (1)
CP-8 (2)
Telecommunications Services
Telecommunications Services | Priority of Service
Provisions
Telecommunications Services | Single Points of Failure
X
X
ID
CP-9
CP-9 (1)
CP-9 (3)
CP-10
CP-10
(2)
CONTROL TITLE
IA-2
X
X
X
X
X
X
X
X
IA-1
IA-2 (1)
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
ID
IA-2 (2)
CONTROL TITLE
Users)
Users)
Users)
Users)
Users)
IA-2
(11)
IA-2
(12)
IA-2 (3)
IA-2 (5)
IA-2 (8)
IA-3
IA-4
IA-4 (4)
IA-5
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
X
X
Authenticator Management
ID
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
IA-5 (1)
IA-5 (2)
IA-5 (3)
X
X
IA-5 (4)
IA-5 (6)
IA-5 (7)
X
X
IA-5
(11)
IA-6
IA-7
IA-8
IA-8 (1)
IA-8 (2)
IA-8 (3)
Authenticator Feedback
Cryptographic Module Authentication
Identification and Authentication (NonOrganizational Users)
Identification and Authentication (Non-Organizational
Users) | Acceptance of PIV Credentials from Other
Agencies
Identification and Authentication (Non-Organizational
Users) | Acceptance of Third-Party Credentials
Identification and Authentication (Non-Organizational
Users) | Use of FICAM-Approved Products
X
X
X
X
X
X
ID
IA-8 (4)
CONTROL TITLE
IR-1
IR-2
IR-3
IR-3 (2)
IR-4
IR-4 (1)
IR-5
IR-6
IR-6 (1)
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
Incident Handling
X
X
X
X
X
ID
CONTROL TITLE
IR-7
IR-7 (1)
IR-7 (2)
IR-8
|
|
|
|
MA-2
MA-3
Controlled Maintenance
Maintenance Tools
MA-3
(1)
MA-3
(2)
MA-3
(3)
X
X
X
X
X
Nonlocal Maintenance
X
X
X
X
X
Responsible Personnel
Training
Post-Spill Operations
Exposure to
Maintenance (MA)
System Maintenance Policy and Procedures
X
X
X
MA-1
MA-4
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
IR-9
IR-9
IR-9
IR-9
IR-9
ID
MA-4
(2)
MA-5
MA-5
(1)
MA-6
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
X
MP-1
Timely Maintenance
Media Protection (MP)
Media Protection Policy and Procedures
MP-2
MP-3
Media Access
Media Marking
MP-4
Media Storage
MP-5
Media Transport
MP-5
(4)
X
X
X
X
ID
MP-6
MP-6
(2)
MP-7
MP-7
(1)
CONTROL TITLE
Media Sanitization
Media Use
PE-2
PE-3
PE-4
PE-5
PE-6
X
X
X
X
X
X
X
X
X
PE-1
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
ID
PE-6 (1)
CONTROL TITLE
PE-9
PE-10
PE-11
PE-12
PE-13
PE-14
(2)
PE-15
PE-16
PE-17
PE-8
PE-13
(2)
PE-13
(3)
PE-14
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
PL-1
PL-2
X
X
X
X
PL-2 (3)
PL-4
PL-4 (1)
PL-8
Rules of Behavior
Rules of Behavior | Social Media and Networking
Restrictions
PS-1
PS-2
ID
PS-3
PS-3 (3)
CONTROL TITLE
Personnel Screening
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
PS-4
PS-5
Personnel Termination
Personnel Transfer
X
X
X
X
PS-6
Access Agreements
PS-7
PS-8
X
X
X
X
RA-1
RA-2
RA-3
Security Categorization
Risk Assessment
X
X
X
X
ID
RA-5
CONTROL TITLE
Vulnerability Scanning
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
RA-5 (3)
RA-5 (5)
RA-5 (6)
RA-5 (8)
RA-5 (1)
RA-5 (2)
SA-1
SA-2
SA-3
X
X
X
X
X
X
ID
SA-4
CONTROL TITLE
Acquisition Process
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
SA-4 (8)
SA-4 (9)
SA-4 (1)
SA-4 (2)
SA-4
(10)
SA-5
SA-8
SA-9
SA-9 (1)
X
X
X
X
X
X
X
ID
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
SA-9 (2)
SA-9 (4)
SA-9 (5)
SA-10
SA-10
(1)
SA-11
SA-11
(1)
SA-11
(2)
SA-11
(8)
SC-1
SC-2
X
X
X
X
X
X
ID
CONTROL TITLE
SC-4
SC-5
SC-6
SC-7
SC-7
SC-7
SC-7
SC-7
SC-7 (8)
SC-7
(12)
SC-7
(13)
SC-7
(18)
SC-8
SC-8 (1)
X
X
X
X
X
SC-12
X
X
Network Disconnect
X
X
X
X
X
X
X
X
X
SC-10
SC-12
(2)
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
ID
SC-12
(3)
SC-13
SC-15
SC-17
SC-18
SC-19
SC-20
CONTROL TITLE
SC-23
SC-28
SC-28
(1)
SC-39
SC-22
SI-1
SI-2
SI-2 (2)
SI-2 (3)
SI-3
SI-3 (1)
SI-3 (2)
SI-3 (7)
SI-4
SI-4 (1)
Cryptographic Protection
Collaborative Computing Devices
Public Key Infrastructure Certificates
Mobile Code
Voice Over Internet Protocol
Secure Name / Address Resolution Service
(Authoritative Source)
Secure Name / Address Resolution Service
(Recursive or Caching Resolver)
Architecture and Provisioning for Name /
Address Resolution Service
Session Authenticity
Protection of Information At Rest
SC-21
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
ID
SI-4 (2)
SI-4 (4)
SI-4 (5)
SI-4(14)
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X
SI-4
(16)
SI-4
(23)
SI-5
SI-6
SI-7
X
X
SI-7 (1)
SI-7 (7)
SI-8
SI-8 (1)
SI-8 (2)
SI-10
SI-11
Spam Protection
Spam Protection | Central Management
Spam Protection | Automatic Updates
X
X
X
X
X
X
X
X
ID
SI-12
SI-16
CONTROL TITLE
Control
FEDRAMP DEFINED ASSIGNMENT/SELECTION
Baseline
PARAMETERS
Low
Moderate
X
X