Rimici MAPPING TO THE
CIS Critical Security Controls

Each control below is listed with its mappings to the following frameworks, in the order of the original table's columns:

No. | CIS Critical Security Control | NIST 800-53 rev 4* | NIST Core Framework | DHS CDM Program | ISO 27002:2013 | NSA MNP | Auto Top 35 | NSA Top 10 | GCHQ 10 Steps | UK Cyber Essentials | UK ICO Protecting Data | PCI DSS 3.0 | HIPAA | FFIEC Examiners Handbook | NERC CIP V5 | Cloud Security Alliance | FY15 FISMA Metrics | ITIL 2011 KPIs

Frameworks with no entry for a control are omitted from that control's list.
1. Inventory of Authorized and Unauthorized Devices
  NIST 800-53 rev 4: CA-7, CA-8, IA-3, SA-4, SC-17, SI-4, PM-5
  NIST Core Framework: ID.AM-1, ID.AM-3, PR.DS-3
  DHS CDM Program: HWAM: Hardware Asset Management
  ISO 27002:2013: A.8.1.1, A.9.1.2, A.13.1.1
  NSA MNP: Map Your Network; Baseline Management; Document Your Network; Personal Electronic Device Management; Network Access Control; Log Management
  UK ICO Protecting Data: Inappropriate Locations for Processing Data
  PCI DSS 3.0: 2.4
  HIPAA: 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Host Security; User Equipment Security (Workstation, Laptop, Handheld)
  NERC CIP V5: CIP-002-5 R1, CIP-002-5 R2
  Cloud Security Alliance: DCS-01, MOS-09, MOS-15
  FY15 FISMA Metrics: 1: System Inventory; 2: Continuous Monitoring
  ITIL 2011 KPIs: Information Security Management

2. Inventory of Authorized and Unauthorized Software
  NIST 800-53 rev 4: CA-7, CM-2, CM-8, CM-10, CM-11, SA-4, SC-18, SC-34, SI-4, PM-5
  NIST Core Framework: ID.AM-2, PR.DS-6
  DHS CDM Program: HWAM: Hardware Asset Management; SWAM: Software Asset Management
  ISO 27002:2013: A.12.5.1, A.12.6.2
  NSA MNP: Baseline Management; Executable Content Restrictions; Configuration and Change Management
  Auto Top 35: 1, 14, 17
  NSA Top 10: Application Whitelisting
  UK ICO Protecting Data: Decommissioning of Software or Services
  HIPAA: 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Host Security; User Equipment Security (Workstation, Laptop, Handheld)
  Cloud Security Alliance: CCC-04, MOS-03, MOS-04, MOS-15
  FY15 FISMA Metrics: 1: System Inventory; 2: Continuous Monitoring
  ITIL 2011 KPIs: Information Security Management

3. Secure Configurations for Hardware & Software
  NIST 800-53 rev 4: CA-7, CM-2, CM-3, CM-5, CM-6, CM-7, CM-8, CM-9, CM-11, MA-4, RA-5, SA-4, SC-15, SC-34, SI-2, SI-4
  NIST Core Framework: PR.IP-1
  DHS CDM Program: CSM: Configuration Setting Management
  ISO 27002:2013: A.14.2.4, A.14.2.8, A.18.2.3
  NSA MNP: Patch Management; Log Management; Data-at-Rest Protection; Configuration and Change Management
  Auto Top 35: 2-5, 21
  NSA Top 10: Control Administrative Privileges; Set a Secure Baseline Configuration; Take Advantage of Software Improvements
  GCHQ 10 Steps: Secure Configuration
  UK Cyber Essentials: Secure Configuration; Patch Management
  PCI DSS 3.0: 2.2, 2.3, 6.2, 11.5
  HIPAA: 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Host Security; User Equipment Security (Workstation, Laptop, Handheld)
  NERC CIP V5: CIP-007-5 R2, CIP-010-5 R2
  Cloud Security Alliance: IVS-07, MOS-15, MOS-19, TVM-02
  FY15 FISMA Metrics: 2: Continuous Monitoring
  ITIL 2011 KPIs: Information Security Management

4. Continuous Vulnerability Assessment & Remediation
  NIST 800-53 rev 4: CA-2, CA-7, RA-5, SC-34, SI-4, SI-7
  NIST Core Framework: ID.RA-1, ID.RA-2, PR.IP-12, DE.CM-8, RS.MI-3
  DHS CDM Program: VUL: Vulnerability Management
  ISO 27002:2013: A.12.6.1, A.14.2.8
  NSA MNP: Patch Management; Log Management; Configuration and Change Management
  Auto Top 35: 2, 3
  NSA Top 10: Take Advantage of Software Improvements
  UK Cyber Essentials: Patch Management
  UK ICO Protecting Data: Software Updates
  PCI DSS 3.0: 6.1, 6.2, 11.2
  HIPAA: 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Host Security; User Equipment Security (Workstation, Laptop, Handheld)
  NERC CIP V5: CIP-007-5 R2, CIP-010-5 R3
  Cloud Security Alliance: IVS-07, MOS-15, MOS-19, TVM-02
  FY15 FISMA Metrics: 2: Continuous Monitoring
  ITIL 2011 KPIs: Information Security Management

5. Controlled Use of Administrative Privileges
  NIST 800-53 rev 4: AC-2, AC-6, AC-17, AC-19, CA-7, IA-4, IA-5, SI-4
  NIST Core Framework: PR.AC-4, PR.AT-2, PR.MA-2, PR.PT-3
  ISO 27002:2013: A.9.1.1, A.9.2.2 - A.9.2.6, A.9.3.1, A.9.4.1 - A.9.4.4
  NSA MNP: User Access; Baseline Management; Log Management
  Auto Top 35: 4, 9, 11, 25
  NSA Top 10: Control Administrative Privileges
  GCHQ 10 Steps: Monitoring
  UK Cyber Essentials: Access Control
  UK ICO Protecting Data: Configuration of SSL and TLS; Default Credentials
  PCI DSS 3.0: 2.1, 7.1 - 7.3, 8.1 - 8.3, 8.7
  HIPAA: 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Authentication and Access Controls
  NERC CIP V5: CIP-004-5 R2, CIP-004-5 R5, CIP-007-5 R5
  Cloud Security Alliance: IAM-09 - IAM-13, MOS-16, MOS-20
  FY15 FISMA Metrics: 3: Identity Credential & Access Management
  ITIL 2011 KPIs: Information Security Management

6. Maintenance, Monitoring, & Analysis of Audit Logs
  NIST 800-53 rev 4: AC-23, AU-2, AU-3, AU-4, AU-5, AU-6, AU-7, AU-8, AU-9, AU-10, AU-11, AU-12, AU-13, AU-14, CA-7, IA-10, SI-4
  NIST Core Framework: PR.PT-1, DE.AE-3, DE.DP-1, DE.DP-2, DE.DP-3, DE.DP-4, DE.DP-5
  DHS CDM Program: Generic Audit Monitoring
  ISO 27002:2013: A.12.4.1 - A.12.4.4, A.12.7.1
  NSA MNP: Log Management
  Auto Top 35: 15-16, 35
  GCHQ 10 Steps: Monitoring
  PCI DSS 3.0: 10.1 - 10.7
  HIPAA: 164.308(a)(1): Security Management Process - Information System Activity Review R; 164.308(a)(5): Security Awareness and Training - Log-in Monitoring A
  FFIEC Examiners Handbook: Security Monitoring
  NERC CIP V5: CIP-007-5 R4
  Cloud Security Alliance: IVS-01, IVS-03
  ITIL 2011 KPIs: Information Security Management

7. Email & Web Browser Protections
  NIST 800-53 rev 4: CA-7, CA-2, CA-3, CA-5, CM-6, CM-7, CM-8, CM-9, CM-11, MA-4, RA-5, SA-4, SC-15, SC-34, SI-2, SI-4
  NIST Core Framework: PR.IP-1
  DHS CDM Program: CSM: Configuration Setting Management
  ISO 27002:2013: A.14.2.4, A.14.2.8, A.18.2.3
  NSA MNP: Patch Management; Baseline Management; Data-at-Rest Protection; Configuration and Change Management
  Auto Top 35: 2-5, 21
  NSA Top 10: Control Administrative Privileges; Set a Secure Baseline Configuration; Take Advantage of Software Improvements
  GCHQ 10 Steps: Secure Configuration
  UK Cyber Essentials: Secure Configuration; Patch Management
  PCI DSS 3.0: 2.2, 2.3, 6.2, 11.5
  HIPAA: 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Host Security; User Equipment Security (Workstation, Laptop, Handheld)
  NERC CIP V5: CIP-007-5 R2, CIP-010-5 R2
  Cloud Security Alliance: IVS-07, MOS-15, MOS-19, TVM-02
  FY15 FISMA Metrics: 2: Continuous Monitoring
  ITIL 2011 KPIs: Information Security Management

8. Malware Defenses
  NIST 800-53 rev 4: CA-7, SC-39, SC-44, SI-3, SI-4, SI-8
  NIST Core Framework: PR.PT-2, DE.CM-4, DE.CM-5
  ISO 27002:2013: A.8.3.1, A.12.2.1, A.13.2.3
  NSA MNP: Device Accessibility; Virus Scanners & Host Intrusion Prevention Systems; Security Gateways, Proxies, & Firewalls; Network Security Monitoring; Log Management
  Auto Top 35: 7, 17, 22, 26, 30
  NSA Top 10: Use Anti-virus File Reputation Services; Enable Anti-Exploitation Features
  GCHQ 10 Steps: Removable Media Controls; Malware Protection
  UK Cyber Essentials: Malware Protection
  PCI DSS 3.0: 5.1 - 5.4
  HIPAA: 164.308(a)(5): Security Awareness and Training - Protection from Malicious Software A; 164.310(d)(1): Device and Media Controls - Accountability A; 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Host Security; User Equipment Security (Workstation, Laptop, Handheld)
  NERC CIP V5: CIP-007-5 R3
  Cloud Security Alliance: MOS-01, MOS-15, TVM-01, TVM-03
  FY15 FISMA Metrics: 4: Anti-Phishing & Malware Defense
  ITIL 2011 KPIs: Information Security Management

9. Limitation & Control of Network Ports
  NIST 800-53 rev 4: AT-1, AT-2, AT-3, AT-4, SA-11, SA-16, PM-13, PM-14, PM-16
  NIST Core Framework: PR.AC-5, DE.AE-1
  DHS CDM Program: Boundary Protection
  ISO 27002:2013: A.9.1.2, A.13.1.1, A.13.1.2, A.14.1.2
  NSA MNP: Baseline Management; Configuration and Change Management
  Auto Top 35: 2, 3, 12, 13, 27
  NSA Top 10: Limit Workstation-to-Workstation Communication
  GCHQ 10 Steps: Network Security
  UK ICO Protecting Data: Decommissioning of Software or Services; Unnecessary Services
  PCI DSS 3.0: 1.4
  HIPAA: 164.310(b): Workstation Use - R; 164.310(c): Workstation Security - R
  FFIEC Examiners Handbook: Network Security
  NERC CIP V5: CIP-007-5 R1
  Cloud Security Alliance: DSI-02, IVS-06, IPY-04
  ITIL 2011 KPIs: Information Security Management

10. Data Recovery Capability
  NIST 800-53 rev 4: CP-9, CP-10, MP-4
  NIST Core Framework: PR.IP-4
  ISO 27002:2013: A.10.1.1, A.12.3.1
  NSA MNP: Backup Strategy
  PCI DSS 3.0: 4.3, 9.5 - 9.7
  HIPAA: 164.308(a)(7): Contingency Plan - Data Backup Plan R; 164.308(a)(7): Contingency Plan - Disaster Recovery Plan R; 164.308(a)(7): Contingency Plan - Testing & Revision Procedure A; 164.310(d)(1): Device & Media Controls - Data Backup & Storage A
  FFIEC Examiners Handbook: Encryption
  Cloud Security Alliance: MOS-11
  ITIL 2011 KPIs: Information Security Management

11. Secure Configurations for Network Devices
  NIST 800-53 rev 4: AC-4, CA-3, CA-7, CA-9, CM-2, CM-3, CM-5, CM-6, CM-8, MA-4, SC-24, SI-4
  NIST Core Framework: PR.AC-5, PR.IP-1, PR.PT-4
  DHS CDM Program: CSM: Configuration Setting Management; Boundary Protection
  ISO 27002:2013: A.9.1.2, A.13.1.1, A.13.1.3
  NSA MNP: Map Your Network; Patch Management; Baseline Management; Document Your Network; Security Gateways, Proxies, and Firewalls; Configuration and Change Management
  Auto Top 35: 2, 3, 10
  NSA Top 10: Set a Secure Baseline Configuration; Segregate Networks and Functions
  GCHQ 10 Steps: Secure Configuration; Network Security
  UK Cyber Essentials: Boundary Firewalls & Internet Gateways; Secure Configuration; Patch Management
  UK ICO Protecting Data: Software Updates; Inappropriate Locations for Processing Data
  PCI DSS 3.0: 1.1 - 1.2, 2.2, 6.2
  FFIEC Examiners Handbook: Network Security
  NERC CIP V5: CIP-005-5 R1, CIP-007-5 R2
  Cloud Security Alliance: DSI-02, IAM-03, IVS-06, IVS-09, MOS-19, TVM-02
  FY15 FISMA Metrics: 3: Identity Credential & Access Management
  ITIL 2011 KPIs: Information Security Management

12. Boundary Defense
  NIST 800-53 rev 4: AC-4, AC-17, AC-20, CA-3, CA-7, CA-9, CM-2, SA-9, SC-7, SC-8, SI-4
  NIST Core Framework: PR.AC-3, PR.AC-5, PR.MA-2, DE.AE-1
  DHS CDM Program: Boundary Protection
  ISO 27002:2013: A.9.1.2, A.12.4.1, A.12.7.1, A.13.1.1, A.13.1.3, A.13.2.3
  NSA MNP: Network Architecture; Device Accessibility; Security Gateways, Proxies, and Firewalls; Network Security Monitoring
  Auto Top 35: 10-11, 18-20, 23, 32-34
  NSA Top 10: Segregate Network and Function
  GCHQ 10 Steps: Home and Mobile Working; Monitoring; Network Security
  UK Cyber Essentials: Boundary Firewalls & Internet Gateways
  UK ICO Protecting Data: Configuration of SSL and TLS; Inappropriate Locations for Processing Data
  PCI DSS 3.0: 1.1 - 1.3, 8.3, 10.8, 11.4
  FFIEC Examiners Handbook: Network Security; Security Monitoring
  NERC CIP V5: CIP-005-5 R1, CIP-007-5 R2, CIP-007-5 R4
  Cloud Security Alliance: DSI-02, IVS-01, IVS-06, IVS-09, MOS-16
  FY15 FISMA Metrics: 3: Identity Credential & Access Management; 6: Network Defense; 7: Boundary Protection
  ITIL 2011 KPIs: Information Security Management

13. Data Protection
  NIST 800-53 rev 4: AC-3, AC-4, AC-23, CA-7, CA-9, IR-9, MP-5, SA-18, SC-8, SC-28, SC-31, SC-41, SI-4
  NIST Core Framework: PR.AC-5, PR.DS-2, PR.DS-5, PR.PT-2
  ISO 27002:2013: A.8.3.1, A.10.1.1 - A.10.1.2, A.13.2.3, A.18.1.5
  NSA MNP: Network Architecture; Device Accessibility; User Access; Data-at-Rest Protection; Log Management
  Auto Top 35: 26
  GCHQ 10 Steps: Removable Media Controls
  PCI DSS 3.0: 3.6, 4.1 - 4.3
  HIPAA: 164.308(a)(4): Information Access Management - Isolating Health Care Clearinghouse Function R; 164.310(d)(1): Device and Media Controls - Accountability A; 164.312(a)(1): Access Controls - Encryption and Decryption A; 164.312(e)(1): Transmission Security - Integrity Controls A; 164.312(e)(1): Transmission Security - Encryption A
  FFIEC Examiners Handbook: Encryption; Data Security
  NERC CIP V5: CIP-011-5 R1
  Cloud Security Alliance: DSI-02, DSI-05, EKM-01 - EKM-04, MOS-11
  FY15 FISMA Metrics: 5: Data Protection
  ITIL 2011 KPIs: Information Security Management

14. Controlled Access Based on the Need to Know
  NIST 800-53 rev 4: AC-1, AC-2, AC-3, AC-6, AC-24, CA-7, MP-3, RA-2, SC-16, SI-4
  NIST Core Framework: PR.AC-4, PR.AC-5, PR.DS-1, PR.DS-2, PR.PT-2, PR.PT-3
  DHS CDM Program: TRUST: Access Control Management; PRIV: Privileges
  ISO 27002:2013: A.8.3.1, A.9.1.1, A.10.1.1
  NSA MNP: Map Your Network; Baseline Management; Document Your Network; Personal Electronic Device Management; Network Access Control
  Auto Top 35: 26
  NSA Top 10: Segregate Networks and Functions
  GCHQ 10 Steps: Managing User Privileges; Network Security
  UK Cyber Essentials: Access Control
  UK ICO Protecting Data: Inappropriate Locations for Processing Data
  PCI DSS 3.0: 1.3 - 1.4, 4.3, 7.1 - 7.3, 8.7
  HIPAA: 164.308(a)(1): Security Management Process - Information System Activity Review R; 164.308(a)(4): Information Access Management - Isolating Health Care Clearinghouse Function R; 164.308(a)(4): Information Access Management - Access Authorization A; 164.312(a)(1): Access Control - Encryption and Decryption A; 164.312(c)(1): Integrity - Mechanism to Authenticate Electronic Protected Health Information A; 164.312(a)(1): Access Control - Automatic Logoff A; 164.312(d): Person or Entity Authentication - R; 164.312(e)(1): Transmission Security - Integrity Controls A; 164.312(e)(1): Transmission Security - Encryption A
  FFIEC Examiners Handbook: Authentication and Access Controls; Encryption; Security Monitoring
  NERC CIP V5: CIP-005-5 R1, CIP-005-5 R2, CIP-007-5 R4, CIP-011-5 R1
  Cloud Security Alliance: DSI-02, IVS-09, MOS-11
  ITIL 2011 KPIs: Information Security Management

15. Wireless Access Control
  NIST 800-53 rev 4: AC-18, AC-19, CA-3, CA-7, CM-2, IA-3, SC-8, SC-17, SC-40, SI-4
  ISO 27002:2013: A.10.1.1, A.12.4.1, A.12.7.1
  NSA MNP: User Access; Baseline Management; Log Management
  GCHQ 10 Steps: Monitoring; Network Security
  PCI DSS 3.0: 4.3, 11.1, 7.1 - 7.3, 8.7 - 8.8
  FFIEC Examiners Handbook: Network Security; Encryption; Security Monitoring
  NERC CIP V5: CIP-007-5 R4
  Cloud Security Alliance: IVS-01, IVS-06, IVS-12, MOS-11
  ITIL 2011 KPIs: Information Security Management

16. Account Monitoring & Control
  NIST 800-53 rev 4: AC-2, AC-3, AC-7, AC-11, AC-12, CA-7, IA-5, IA-10, SC-17, SC-23, SI-4
  NIST Core Framework: PR.AC-1, PR.AC-4, PR.PT-3
  DHS CDM Program: CRED: Credentials and Authentication Management
  ISO 27002:2013: A.9.1.1, A.9.2.2 - A.9.2.6, A.9.3.1, A.9.4.1 - A.9.4.3, A.11.2.8
  NSA MNP: Training
  Auto Top 35: 25
  GCHQ 10 Steps: Managing User Privileges
  UK Cyber Essentials: Access Control
  UK ICO Protecting Data: Configuration of SSL and TLS
  PCI DSS 3.0: 7.1 - 7.3, 8.7 - 8.8
  HIPAA: 164.308(a)(1): Security Management Process - Information System Activity Review R; 164.308(a)(4): Information Access Management - Access Authorization A; 164.308(a)(4): Information Access Management - Access Establishment and Modification A; 164.308(a)(5): Security Awareness and Training - Password Management A; 164.312(a)(1): Access Control - Unique User Identification R; 164.312(a)(1): Access Control - Automatic Logoff A; 164.312(d): Person or Entity Authentication - R; 164.312(e)(1): Transmission Security - Integrity Controls A; 164.312(e)(1): Transmission Security - Encryption A
  FFIEC Examiners Handbook: Authentication and Access Control
  NERC CIP V5: CIP-005-5 R1, CIP-005-5 R2, CIP-007-5 R4
  Cloud Security Alliance: IAM-02, IAM-09 - IAM-12, MOS-14, MOS-16, MOS-20
  FY15 FISMA Metrics: 3: Identity Credential & Access Management
  ITIL 2011 KPIs: Information Security Management

17. Security Skills Assessment and Appropriate Training to Fill Gaps
  NIST 800-53 rev 4: AT-1, AT-2, AT-3, AT-4, SA-11, SA-16, PM-13, PM-14, PM-16
  NIST Core Framework: PR.AT-1, PR.AT-2, PR.AT-3, PR.AT-4, PR.AT-5
  DHS CDM Program: BEHV: Security Related Behavior Management
  ISO 27002:2013: A.7.2.2
  NSA MNP: Training
  Auto Top 35: 28
  GCHQ 10 Steps: User Education & Awareness
  PCI DSS 3.0: 12.6
  HIPAA: 164.308(a)(5): Security Awareness and Training - Security Reminders A; 164.308(a)(5): Security Awareness and Training - Protection from Malicious Software; 164.308(a)(5): Security Awareness and Training - Log-in Monitoring A; 164.308(a)(5): Security Awareness and Training - Password Management A
  FFIEC Examiners Handbook: Personnel Security
  NERC CIP V5: CIP-004-5 R1, CIP-004-5 R2
  Cloud Security Alliance: HRS-10, MOS-20
  FY15 FISMA Metrics: 8: Training and Education
  ITIL 2011 KPIs: Information Security Management

18. Application Software Security
  NIST 800-53 rev 4: SA-13, SA-15, SA-16, SA-17, SA-20, SA-21, SC-39, SI-10, SI-11, SI-15, SI-16
  NIST Core Framework: PR.DS-7
  DHS CDM Program: VUL: Vulnerability Management
  ISO 27002:2013: A.9.4.5, A.12.1.4, A.14.2.1, A.14.2.6 - A.14.2.8
  NSA MNP: Training
  Auto Top 35: 24
  UK ICO Protecting Data: SQL Injection
  PCI DSS 3.0: 6.3, 6.5 - 6.7
  FFIEC Examiners Handbook: Application Security; Software Development & Acquisition
  Cloud Security Alliance: AIS-01, AIS-03, AIS-04, CCC-01, CCC-02, CCC-03, IVS-08
  ITIL 2011 KPIs: Information Security Management

19. Incident Response & Management
  NIST 800-53 rev 4: IR-1, IR-2, IR-3, IR-4, IR-5, IR-6, IR-7, IR-8, IR-10
  NIST Core Framework: PR.IP-10, DE.AE-2, DE.AE-4, DE.AE-5, DE.CM-1 - DE.CM-7, RS.RP-1, RS.CO-1 - RS.CO-5, RS.AN-1 - RS.AN-4, RS.MI-1 - RS.MI-2, RS.IM-1 - RS.IM-2, RC.RP-1, RC.IM-1 - RC.IM-2, RC.CO-1 - RC.CO-3
  DHS CDM Program: Plan for Events; Respond to Events
  ISO 27002:2013: A.6.1.3, A.7.2.1, A.16.1.2, A.16.1.4 - A.16.1.7
  NSA MNP: Incident Response and Disaster Recovery Plans
  GCHQ 10 Steps: Incident Management
  PCI DSS 3.0: 12.10
  HIPAA: 164.308(a)(6): Security Incident Procedures - Response and Reporting R
  NERC CIP V5: CIP-008-5 R1, CIP-008-5 R2, CIP-008-5 R3
  Cloud Security Alliance: SEF-01 - SEF-05
  FY15 FISMA Metrics: 9: Incident Response
  ITIL 2011 KPIs: Information Security Management

20. Penetration Tests & Red Team Exercises
  NIST 800-53 rev 4: CA-2, CA-5, CA-6, CA-8, RA-6, SI-6, PM-6, PM-14
  ISO 27002:2013: A.14.2.8, A.18.2.1, A.18.2.3
  NSA MNP: Audit Strategy
  PCI DSS 3.0: 11.3
  ITIL 2011 KPIs: Information Security Management

*NIST 800-53 Listings

AC-1: Access Control Policy and Procedures
AC-2: Account Management
AC-3: Access Enforcement
AC-4: Information Flow Enforcement
AC-6: Least Privilege
AC-7: Unsuccessful Logon Attempts
AC-11: Session Lock
AC-12: Session Termination
AC-17: Remote Access
AC-18: Wireless Access
AC-19: Access Control for Mobile Devices
AC-20: Use of External Information Systems
AC-23: Data Mining Protection
AC-24: Access Control Decisions
AT-1: Security Awareness and Training Policy and Procedures
AT-2: Security Awareness Training
AT-3: Role-Based Security Training
AT-4: Security Training Records
AU-2: Audit Events
AU-3: Content of Audit Records
AU-4: Audit Storage Capacity
AU-5: Response to Audit Processing Failures
AU-6: Audit Review, Analysis, and Reporting
AU-7: Audit Reduction and Report Generation
AU-8: Time Stamps
AU-9: Protection of Audit Information
AU-10: Non-repudiation
AU-11: Audit Record Retention
AU-12: Audit Generation
AU-13: Monitoring for Information Disclosure
AU-14: Session Audit
CA-2: Security Assessments
CA-3: System Interconnections
CA-5: Plan of Action and Milestones
CA-6: Security Authorization
CA-7: Continuous Monitoring
CA-8: Penetration Testing
CA-9: Internal System Connections
CM-2: Baseline Configuration
CM-3: Configuration Change Control
CM-5: Access Restrictions for Change
CM-6: Configuration Settings
CM-7: Least Functionality
CM-8: Information System Component Inventory
CM-9: Configuration Management Plan
CM-10: Software Usage Restrictions
CM-11: User-Installed Software
CP-9: Information System Backup
CP-10: Information System Recovery and Reconstitution
IA-3: Device Identification and Authentication
IA-5: Authenticator Management
IA-10: Adaptive Identification and Authentication
IR-1: Incident Response Policy and Procedures
IR-2: Incident Response Training
IR-3: Incident Response Testing
IR-4: Incident Handling
IR-5: Incident Monitoring
IR-6: Incident Reporting
IR-7: Incident Response Assistance
IR-8: Incident Response Plan
IR-9: Information Spillage Response
IR-10: Integrated Information Security Analysis Team
MA-4: Nonlocal Maintenance
MP-3: Media Marking
MP-4: Media Storage
MP-5: Media Transport
PM-5: Information System Inventory
PM-6: Information Security Measures of Performance
PM-13: Information Security Workforce
PM-14: Testing, Training, & Monitoring
PM-16: Threat Awareness Program
RA-2: Security Categorization
RA-5: Vulnerability Scanning
RA-6: Technical Surveillance Countermeasures Survey
SA-4: Acquisition Process
SA-9: External Information System Services
SA-11: Developer Security Testing and Evaluation
SA-13: Trustworthiness
SA-15: Development Process, Standards, and Tools
SA-16: Developer-Provided Training
SA-17: Developer Security Architecture and Design
SA-18: Tamper Resistance and Detection
SA-20: Customized Development of Critical Components
SA-21: Developer Screening
SC-7: Boundary Protection
SC-8: Transmission Confidentiality and Integrity
SC-15: Collaborative Computing Devices
SC-16: Transmission of Security Attributes
SC-17: Public Key Infrastructure Certificates
SC-18: Mobile Code
SC-20: Secure Name/Address Resolution Service (Authoritative Source)
SC-21: Secure Name/Address Resolution Service (Recursive or Caching Resolver)
SC-22: Architecture and Provisioning for Name/Address Resolution Service
SC-23: Session Authenticity
SC-24: Fail in Known State
SC-28: Protection of Information at Rest
SC-31: Covert Channel Analysis
SC-34: Non-Modifiable Executable Programs
SC-39: Process Isolation
SC-40: Wireless Link Protection
SC-41: Port and I/O Device Access
SC-44: Detonation Chambers
SI-2: Flaw Remediation
SI-3: Malicious Code Protection
SI-4: Information System Monitoring
SI-6: Security Function Verification
SI-7: Software, Firmware, and Information Integrity
SI-8: Spam Protection
SI-10: Information Input Validation
SI-11: Error Handling
SI-15: Information Output Filtering
SI-16: Memory Protection