Trackr.Live The landing site for Trackr Services
§ Tag
Tag

Control

AT

AT-5: Contacts with Security Groups and Associations

RMF Control AT-5: Contacts with Security Groups and Associations requires organizations to establish and institutionalize contact with selected groups and associations within the security community to facilitate ongoing security education and training for organizational personnel; maintain currency with recommended security practices, techniques, and technologies; and share current security-related information including threats, vulnerabilities, and incidents. Supplemental …

·
AT

AT-4: Training Records

RMF Control AT-4: Training Records requires organizations to document and monitor individual information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training; and retain individual training records for [Assignment: organization-defined time period]. Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a …

·
AT

AT-3: Role-based Training

RMF Control AT-3: Role-based training requires organizations to provide training and awareness to personnel on information security and the protection of Controlled Unclassified Information (CUI), based on their roles and responsibilities. The training should include: Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to …

·
AT

AT-2: Literacy Training and Awareness

RMF Control AT-2: Literacy Training and Awareness requires organizations to provide training and awareness to personnel on information security and the protection of Controlled Unclassified Information (CUI), including: Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to systems and organizations. RMF Control AT-2: Literacy …

·
AT

AT-1: Policy and Procedures

RMF Control AT-1: Policy and Procedures requires organizations to develop, document, and disseminate to organization-defined personnel or roles: Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to systems and organizations. RMF Control AT-1: Policy and Procedures is one of the controls in the AT …

·
AC

AC-25: Reference Monitor

RMF Control AC-25: Reference Monitor is a cybersecurity control that helps to protect information systems by ensuring that all access to information systems and resources is monitored and controlled. This control is important because it can help to prevent unauthorized access to information systems and resources, and to detect and respond to unauthorized access attempts.

·
AC

AC-24: Access Control Decisions

RMF Control AC-24: Access Control Decisions is a cybersecurity control that helps to protect information systems by ensuring that access control decisions are made based on the appropriate security attributes. Access control decisions are the decisions that are made about who can access which resources in an information system. Access Control Decisions Requirements The RMF …

·
AC

AC-23: Data Mining Protection

RMF Control AC-23: Data Mining Protection is a cybersecurity control that helps to protect information systems by detecting and protecting against unauthorized data mining. Data mining is the process of extracting knowledge from large datasets. While data mining can be a valuable tool, it can also be used to compromise the security of information systems. …

·
AC

AC-22: Publicly Accessible Content

RMF Control AC-22: Publicly Accessible Content is a cybersecurity control that helps to protect information systems by ensuring that publicly accessible content does not contain nonpublic information. This control is important because it can help to prevent unauthorized access to nonpublic information and to reduce the risk of data breaches. Publicly Accessible Content Requirements The …

·
AC

AC-21: Information Sharing

RMF Control AC-21: Information Sharing is a cybersecurity control that helps to protect information systems by facilitating and controlling the sharing of information between organizations. This control is important because it can help to improve the security posture of all organizations involved in the information sharing process. Information Sharing Requirements The RMF Control AC-21: Information …

·