
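| NIST 800-53 Status | P1 | P2 | P3 | P0 |
|---|---|---|---|---|
| TOTAL | 121 | 36 | 12 | 55 |
| Written - Partially | 0 | 0 | 0 | 0 |
| Written - Mostly | 0 | 0 | 0 | 0 |
| Written - Complete | 0 | 0 | 0 | 0 |
| Implemented - Partially | 0 | 0 | 0 | 0 |
| Implemented - Mostly | 0 | 0 | 0 | 0 |
| Implemented - Complete | 0 | 0 | 0 | 0 |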

Created By: Frank McGovern, The Walsh Group


| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Access Control | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| AC-1 | P1 | | Access Control Policy and Procedures | | | |
| AC-2 | P1 | X | Account Management | | | |
| AC-3 | P1 | X | Access Enforcement | | | |
| AC-4 | P1 | X | Information Flow Enforcement | | | |
| AC-5 | P1 | X | Separation of Duties | | | |
| AC-6 | P1 | X | Least Privilege | | | |
| AC-7 | P2 | X | Unsuccessful Login Attempts | | | |
| AC-8 | P1 | X | System Use Notification | | | |
| AC-9 | P0 | | Previous Logon (Access) Notification | | | |
| AC-10 | P3 | | Concurrent Session Control | | | |
| AC-11 | P3 | X | Session Lock | | | |
| AC-12 | P2 | X | Session Termination | | | |
| AC-13 | NULL | | Withdrawn | | | |
| AC-14 | P3 | | Permitted Actions without Identification or Authentication | | | |
| AC-15 | NULL | | Withdrawn | | | |
| AC-16 | P0 | | Security Attributes | | | |
| AC-17 | P1 | X | Remote Access | | | |
| AC-18 | P1 | X | Wireless Access | | | |
| AC-19 | P1 | X | Access Control for Mobile Devices | | | |
| AC-20 | P1 | X | Use of External Information Systems | | | |
| AC-21 | P2 | | Information Sharing | | | |
| AC-22 | P3 | X | Publicly Accessible Content | | | |
| AC-23 | P0 | | Data Mining Protection | | | |
| AC-24 | P0 | | Access Control Decisions | | | |
| AC-25 | P0 | | Reference Monitor | | | |

Key
Nothing P1 11
Partially P2 3
Mostly P3 4
Complete P0 5
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Awareness and Training | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| AT-1 | P1 | | Security Awareness and Training Policy and Procedures | | | |
| AT-2 | P1 | X | Security Awareness Training | | | |
| AT-3 | P1 | X | Role-Based Security Training | | | |
| AT-4 | P3 | | Security Training Records | | | |
| AT-5 | NULL | | Withdrawn | | | |

Key
Nothing
Partially P1 3
Mostly P2 0
Complete P3 1
P0 0
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Audit and Accountability | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| AU-1 | P1 | | Audit and Accountability Policy and Procedures | | | |
| AU-2 | P1 | X | Audit Events | | | |
| AU-3 | P1 | X | Content of Audit Records | | | |
| AU-4 | P1 | | Audit Storage Capacity | | | |
| AU-5 | P1 | X | Response to Audit Processing Failures | | | |
| AU-6 | P1 | X | Audit Review, Analysis, and Reporting | | | |
| AU-7 | P2 | X | Audit Reduction and Report Generation | | | |
| AU-8 | P1 | X | Time Stamps | | | |
| AU-9 | P1 | X | Protection of Audit Information | | | |
| AU-10 | P2 | | Non-repudiation | | | |
| AU-11 | P3 | | Audit Record Retention | | | |
| AU-12 | P1 | X | Audit Generation | | | |
| AU-13 | P0 | | Monitoring for Information Disclosure | | | |
| AU-14 | P0 | | Session Audit | | | |
| AU-15 | P0 | | Alternate Audit Capability | | | |
| AU-16 | P0 | | Cross-Organizational Auditing | | | |

Key
Nothing P1 9
Partially P2 2
Mostly P3 1
Complete P0 4
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Security Assessment and Authorization | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| CA-1 | P1 | | Security Assessment and Authorization Policies and Procedures | | | |
| CA-2 | P2 | X | Security Assessments | | | |
| CA-3 | P1 | | System Interconnections | | | |
| CA-4 | NULL | | Withdrawn | | | |
| CA-5 | P3 | X | Plan of Action and Milestones | | | |
| CA-6 | P2 | | Security Authorization | | | |
| CA-7 | P2 | X | Continuous Monitoring | | | |
| CA-8 | P2 | | Penetration Testing | | | |
| CA-9 | P2 | | Internal System Connections | | | |

Key
Nothing P1 2
Partially P2 5
Mostly P3 1
Complete P0 0
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Configuration Management | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| CM-1 | P1 | | Configuration Management Policy and Procedures | | | |
| CM-2 | P1 | X | Baseline Configuration | | | |
| CM-3 | P1 | X | Configuration Change Control | | | |
| CM-4 | P2 | X | Security Impact Analysis | | | |
| CM-5 | P1 | X | Access Restrictions for Change | | | |
| CM-6 | P1 | X | Configuration Settings | | | |
| CM-7 | P1 | X | Least Functionality | | | |
| CM-8 | P1 | X | Information System Component Inventory | | | |
| CM-9 | P1 | | Configuration Management Plan | | | |
| CM-10 | P2 | | Software Usage Restrictions | | | |
| CM-11 | P1 | X | User-Installed Software | | | |

Key
Nothing P1 9
Partially P2 2
Mostly P3 0
Complete P0 0
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Contingency Planning | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| CP-1 | P1 | | Contingency Planning Policy and Procedures | | | |
| CP-2 | P1 | | Contingency Plan | | | |
| CP-3 | P2 | | Contingency Training | | | |
| CP-4 | P2 | | Contingency Plan Testing | | | |
| CP-5 | NULL | | Withdrawn | | | |
| CP-6 | P1 | | Alternate Storage Site | | | |
| CP-7 | P1 | | Alternate Processing Site | | | |
| CP-8 | P1 | | Telecommunications Services | | | |
| CP-9 | P1 | X | Information System Backup | | | |
| CP-10 | P1 | | Information System Recovery and Reconstitution | | | |
| CP-11 | P0 | | Alternate Communications Protocols | | | |
| CP-12 | P0 | | Safe Mode | | | |
| CP-13 | P0 | | Alternative Security Mechanisms | | | |

Key
Nothing P1 7
Partially P2 2
Mostly P3 0
Complete P0 3
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Identification and Authentication | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| IA-1 | P1 | | Identification and Authentication Policy and Procedures | | | |
| IA-2 | P1 | X | Identification and Authentication (Organizational Users) | | | |
| IA-3 | P1 | | Device Identification and Authentication | | | |
| IA-4 | P1 | X | Identifier Management | | | |
| IA-5 | P1 | X | Authenticator Management | | | |
| IA-6 | P2 | X | Authenticator Feedback | | | |
| IA-7 | P1 | | Cryptographic Module Authentication | | | |
| IA-8 | P1 | | Identification and Authentication (Non-Organizational Users) | | | |
| IA-9 | P0 | | Service Identification and Authentication | | | |
| IA-10 | P0 | | Adaptive Identification and Authentication | | | |
| IA-11 | P0 | | Re-Authentication | | | |

Key
Nothing P1 7
Partially P2 1
Mostly P3 0
Complete P0 3
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Incident Response | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| IR-1 | P1 | | Incident Response Policy and Procedures | | | |
| IR-2 | P2 | X | Incident Response Training | | | |
| IR-3 | P2 | X | Incident Response Testing | | | |
| IR-4 | P1 | X | Incident Handling | | | |
| IR-5 | P1 | X | Incident Monitoring | | | |
| IR-6 | P1 | X | Incident Reporting | | | |
| IR-7 | P2 | X | Incident Response Assistance | | | |
| IR-8 | P1 | | Incident Response Plan | | | |
| IR-9 | P0 | | Information Spillage Response | | | |
| IR-10 | P0 | | Integrated Information Security Analysis Team | | | |

Key
Nothing P1 5
Partially P2 3
Mostly P3 0
Complete P0 2
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Maintenance | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| MA-1 | P1 | | System Maintenance Policy and Procedures | | | |
| MA-2 | P2 | X | Controlled Maintenance | | | |
| MA-3 | P3 | X | Maintenance Tools | | | |
| MA-4 | P2 | X | Nonlocal Maintenance | | | |
| MA-5 | P2 | X | Maintenance Personnel | | | |
| MA-6 | P2 | | Timely Maintenance | | | |

Key
Nothing P1 1
Partially P2 4
Mostly P3 1
Complete P0 0
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
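| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Media Protection | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| MP-1 | P1 | | Media Protection Policy and Procedures | | | |
| MP-2 | P1 | X | Media Access | | | |
| MP-3 | P2 | X | Media Marking | | | |
| MP-4 | P1 | X | Media Storage | | | |
| MP-5 | P1 | X | Media Transport | | | |
| MP-6 | P1 | X | Media Sanitization | | | |
| MP-7 | P1 | X | Media Use | | | |
| MP-8 | P0 | | Media Downgrading | | | |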

Key
Nothing P1 6
Partially P2 1
Mostly P3 0
Complete P0 1
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Physical and Environmental Protection | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| PE-1 | P1 | | Physical and Environmental Protection Policy and Procedures | | | |
| PE-2 | P1 | X | Physical Access Authorizations | | | |
| PE-3 | P1 | X | Physical Access Control | | | |
| PE-4 | P1 | | Access Control for Transmission Medium | | | |
| PE-5 | P2 | X | Access Control for Output Devices | | | |
| PE-6 | P1 | X | Monitoring Physical Access | | | |
| PE-7 | NULL | | Withdrawn | | | |
| PE-8 | P3 | | Visitor Access Records | | | |
| PE-9 | P1 | | Power Equipment and Cabling | | | |
| PE-10 | P1 | | Emergency Shutoff | | | |
| PE-11 | P1 | | Emergency Power | | | |
| PE-12 | P1 | | Emergency Lighting | | | |
| PE-13 | P1 | | Fire Protection | | | |
| PE-14 | P1 | | Temperature and Humidity Controls | | | |
| PE-15 | P1 | | Water Damage Protection | | | |
| PE-16 | P2 | | Delivery and Removal | | | |
| PE-17 | P2 | X | Alternate Work Site | | | |
| PE-18 | P3 | | Location of Information System Components | | | |
| PE-19 | P0 | | Information Leakage | | | |
| PE-20 | P0 | | Asset Monitoring and Tracking | | | |

Key
Nothing P1 12
Partially P2 3
Mostly P3 2
Complete P0 2
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Planning | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| PL-1 | P1 | | Security Planning Policy and Procedures | | | |
| PL-2 | P1 | | System Security Plan | | | |
| PL-3 | NULL | | Withdrawn | | | |
| PL-4 | P2 | | Rules of Behavior | | | |
| PL-5 | NULL | | Withdrawn | | | |
| PL-6 | NULL | | Withdrawn | | | |
| PL-7 | P0 | | Security Concept of Operations | | | |
| PL-8 | P1 | | Information Security Architecture | | | |
| PL-9 | P0 | | Central Management | | | |

Key
Nothing P1 3
Partially P2 1
Mostly P3 0
Complete P0 2
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Personnel Security | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| PS-1 | P1 | | Personnel Security Policy and Procedures | | | |
| PS-2 | P1 | | Position Risk Designation | | | |
| PS-3 | P1 | X | Personnel Screening | | | |
| PS-4 | P1 | X | Personnel Termination | | | |
| PS-5 | P2 | X | Personnel Transfer | | | |
| PS-6 | P3 | | Access Agreements | | | |
| PS-7 | P1 | | Third-Party Personnel Security | | | |
| PS-8 | P3 | | Personnel Sanctions | | | |

Key
Nothing P1 5
Partially P2 1
Mostly P3 2
Complete P0 0
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - Risk Assessment | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| RA-1 | P1 | | Risk Assessment Policy and Procedures | | | |
| RA-2 | P1 | | Security Categorization | | | |
| RA-3 | P1 | X | Risk Assessment | | | |
| RA-4 | NULL | | Withdrawn | | | |
| RA-5 | P1 | X | Vulnerability Scanning | | | |
| RA-6 | P0 | | Technical Surveillance Countermeasures Survey | | | |

Key
Nothing P1 4
Partially P2 0
Mostly P3 0
Complete P0 1
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - System and Services Acquisition | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| SA-1 | P1 | | System and Services Acquisition Policy and Procedures | | | |
| SA-2 | P1 | | Allocation of Resources | | | |
| SA-3 | P1 | | System Development Life Cycle | | | |
| SA-4 | P1 | | Acquisition Process | | | |
| SA-5 | P2 | | Information System Documentation | | | |
| SA-6 | NULL | | Withdrawn | | | |
| SA-7 | NULL | | Withdrawn | | | |
| SA-8 | P1 | | Security Engineering Principles | | | |
| SA-9 | P1 | | External Information System Services | | | |
| SA-10 | P1 | | Developer Configuration Management | | | |
| SA-11 | P1 | | Developer Security Testing and Evaluation | | | |
| SA-12 | P0 | | Supply Chain Protection | | | |
| SA-13 | P0 | | Trustworthiness | | | |
| SA-14 | P0 | | Criticality Analysis | | | |
| SA-15 | P2 | | Development Process, Standards, and Tools | | | |
| SA-16 | P2 | | Developer-Provided Training | | | |
| SA-17 | P1 | | Developer Security Architecture and Design | | | |
| SA-18 | P0 | | Tamper Resistance and Detection | | | |
| SA-19 | P0 | | Component Authenticity | | | |
| SA-20 | P0 | | Customized Development of Critical Components | | | |
| SA-21 | P0 | | Developer Screening | | | |
| SA-22 | P0 | | Unsupported System Components | | | |

Key
Nothing P1 9
Partially P2 3
Mostly P3 0
Complete P0 8
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - System and Communication Protection | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| SC-1 | P1 | | System and Communications Protection Policy and Procedures | | | |
| SC-2 | P1 | X | Application Partitioning | | | |
| SC-3 | P1 | | Security Function Isolation | | | |
| SC-4 | P1 | X | Information in Shared Resources | | | |
| SC-5 | P1 | | Denial of Service Protection | | | |
| SC-6 | P0 | | Resource Availability | | | |
| SC-7 | P1 | X | Boundary Protection | | | |
| SC-8 | P1 | X | Transmission Confidentiality and Integrity | | | |
| SC-9 | NULL | | Withdrawn | | | |
| SC-10 | P2 | X | Network Disconnect | | | |
| SC-11 | P0 | | Trusted Path | | | |
| SC-12 | P1 | X | Cryptographic Key Establishment and Management | | | |
| SC-13 | P1 | X | Cryptographic Protection | | | |
| SC-14 | NULL | | Withdrawn | | | |
| SC-15 | P1 | X | Collaborative Computing Device | | | |
| SC-16 | P0 | | Transmission of Security Attributes | | | |
| SC-17 | P1 | | Public Key Infrastructure Certifications | | | |
| SC-18 | P2 | X | Mobile Code | | | |
| SC-19 | P1 | X | Voice Over Internet Protocol | | | |
| SC-20 | P1 | | Secure Name/Address Resolution Service (Authoritative Source) | | | |
| SC-21 | P1 | | Secure Name/Address Resolution Service (Recursive or Caching Resolver) | | | |
| SC-22 | P1 | | Architecture and Provisioning for Name/Address Resolution Service | | | |
| SC-23 | P1 | X | Session Authenticity | | | |
| SC-24 | P1 | | Fail in Known State | | | |
| SC-25 | P0 | | Thin Nodes | | | |
| SC-26 | P0 | | Honeypots | | | |
| SC-27 | P0 | | Platform-Independent Applications | | | |
| SC-28 | P1 | X | Protection of Information at Rest | | | |
| SC-29 | P0 | | Heterogeneity | | | |
| SC-30 | P0 | | Concealment and Misdirection | | | |
| SC-31 | P0 | | Covert Channel Analysis | | | |
| SC-32 | P0 | | Information System Partitioning | | | |
| SC-33 | NULL | | Withdrawn | | | |
| SC-34 | P0 | | Non-Modifiable Executable Programs | | | |
| SC-35 | P0 | | Honeyclients | | | |
| SC-36 | P0 | | Distributed Processing and Storage | | | |
| SC-37 | P0 | | Out-of-Band Channels | | | |
| SC-38 | P0 | | Operations Security | | | |
| SC-39 | P1 | | Process Isolation | | | |
| SC-40 | P0 | | Wireless Link Protection | | | |
| SC-41 | P0 | | Port and I/O Device Access | | | |
| SC-42 | P0 | | Sensor Capability and Data | | | |
| SC-43 | P0 | | Usage Restrictions | | | |
| SC-44 | P0 | | Detonation Chambers | | | |

Key
Nothing P1 19
Partially P2 2
Mostly P3 0
Complete P0 20
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
| Control Number | Priority | NIST 800-171 | NIST 800-53 Control - System and Information Integrity | Written Status | Implement Status | Effectiveness |
|---|---|---|---|---|---|---|
| SI-1 | P1 | | System and Information Integrity Policy and Procedures | | | |
| SI-2 | P1 | X | Flaw Remediation | | | |
| SI-3 | P1 | X | Malicious Code Protection | | | |
| SI-4 | P1 | X | Information System Monitoring | | | |
| SI-5 | P1 | X | Security Alerts, Advisories, and Directives | | | |
| SI-6 | P1 | | Security Function Verification | | | |
| SI-7 | P1 | | Software, Firmware, and Information Integrity | | | |
| SI-8 | P2 | | Spam Protection | | | |
| SI-9 | NULL | | Withdrawn | | | |
| SI-10 | P1 | | Information Input Validation | | | |
| SI-11 | P2 | | Error Handling | | | |
| SI-12 | P2 | | Information Handling and Retention | | | |
| SI-13 | P0 | | Predictable Failure Prevention | | | |
| SI-14 | P0 | | Non-Persistence | | | |
| SI-15 | P0 | | Information Output Filtering | | | |
| SI-16 | P1 | | Memory Protection | | | |
| SI-17 | P0 | | Fail-Safe Procedures | | | |

Key
Nothing P1 9
Partially P2 3
Mostly P3 0
Complete P0 4
WP1 0
WP2 0
WP3 0
WP0 0
WM1 0
WM2 0
WM3 0
WM0 0
WC1 0
WC2 0
WC3 0
WC0 0
IP1 0
IP2 0
IP3 0
IP0 0
IM1 0
IM2 0
IM3 0
IM0 0
IC1 0
IC2 0
IC3 0
IC0 0
