1
Inventory and Control of Enterprise Assets
- 5 Safeguards
- IG1 2/5
- IG2 4/5
- IG3 5/5
2
Inventory and Control of Software Assets
- 7 Safeguards
- IG1 3/7
- IG2 6/7
- IG3 7/7
3
Data Protection
- 14 Safeguards
- IG1 6/14
- IG2 12/14
- IG3 14/14
4
Secure Configuration of Enterprise Assets and Software
- 12 Safeguards
- IG1 7/12
- IG2 11/12
- IG3 12/12
5
Account Management
- 6 Safeguards
- IG1 4/6
- IG2 6/6
- IG3 6/6
6
Access Control Management
- 8 Safeguards
- IG1 5/8
- IG2 7/8
- IG3 8/8
7
Continous Vulnerability Management
- 7 Safeguards
- IG1 4/7
- IG2 7/7
- IG3 7/7
8
Audit Log Management
- 12 Safeguards
- IG1 3/12
- IG2 11/12
- IG3 12/12
9
Email and Web Browser Protections
- 7 Safeguards
- IG1 2/7
- IG2 6/7
- IG3 7/7
10
Malware Defenses
- 7 Safeguards
- IG1 2/7
- IG2 7/7
- IG3 7/7
11
Data Recovery
- 5 Safeguards
- IG1 4/5
- IG2 5/5
- IG3 5/5
12
Network Infrastructure Management
- 8 Safeguards
- IG1 1/8
- IG2 7/8
- IG3 8/8
13
Network Monitoring and Defense
- 11 Safeguards
- IG1 0/11
- IG2 6/11
- IG3 11/11
14
Security Awareness and Skills Training
- 9 Safeguards
- IG1 8/9
- IG2 9/9
- IG3 9/9
15
Service Provider Management
- 7 Safeguards
- IG1 1/7
- IG2 4/7
- IG3 7/7
16
Applications Software Security
- 14 Safeguards
- IG1 0/14
- IG2 11/14
- IG3 14/14
17
Incident Response Management
- 9 Safeguards
- IG1 3/9
- IG2 8/9
- IG3 9/9
18
Penetration Testing
- 5 Safeguards
- IG1 0/5
- IG2 3/5
- IG3 5/5