Catalog: NIST SP 800-53 Rev 5 | Controls: 32
| Control ID | Title / Statement | Priority | Baseline Impact |
|---|---|---|---|
| PM-01 |
Information Security Program Plan
|
P1 | — |
| PM-02 |
Information Security Program Leadership Role
|
P1 | — |
| PM-03 |
Information Security Resources
|
P1 | — |
| PM-04 |
Plan of Action and Milestones Process
|
P1 | — |
| PM-05 |
System Inventory
|
P1 | — |
| PM-06 |
Information Security Measures of Performance
|
P1 | — |
| PM-07 |
Enterprise Architecture
|
P1 | — |
| PM-08 |
Critical Infrastructure Plan
|
P1 | — |
| PM-09 |
Risk Management Strategy
|
P1 | — |
| PM-10 |
Authorization Process
|
P1 | — |
| PM-11 |
Mission and Business Process Definition
|
P1 | — |
| PM-12 |
Insider Threat Program
|
P1 | — |
| PM-13 |
Information Security Workforce
|
P1 | — |
| PM-14 |
Testing, Training, and Monitoring
|
P1 | — |
| PM-15 |
Security and Privacy Groups and Associations
|
P2 | — |
| PM-16 |
Threat Awareness Program
|
P1 | — |
| PM-17 |
Coordinating with Sanctioning Authority
|
P0 | — |
| PM-18 |
Privacy Program Plan
|
P1 | — |
| PM-19 |
Privacy Program Leadership Role
|
P1 | — |
| PM-20 |
Dissemination of Privacy Program Information
|
P1 | — |
| PM-21 |
Information Sharing
|
P1 | — |
| PM-22 |
Accountability, Audit, and Risk Management
|
P1 | — |
| PM-23 |
Reporting
|
P1 | — |
| PM-24 |
Data Quality Management
|
P1 | — |
| PM-25 |
Data Integrity Board
|
P1 | — |
| PM-26 |
Data Management Board
|
P0 | — |
| PM-27 |
Event Logging
|
P1 | — |
| PM-28 |
System of Records Notice
|
P1 | — |
| PM-29 |
Privacy Notice
|
P1 | — |
| PM-30 |
Consent
|
P1 | — |
| PM-31 |
Consent Directives
|
P0 | — |
| PM-32 |
Computer Matching Requirements
|
P1 | — |