
Symantec Control Compliance Suite Assessment Manager 11.x - Symantec Control Compliance Suite Assessment Manager (AM) 11.x Security Content Update (SCU)

December 3, 2014

Description

Security Content Update (SCU) provides periodic security content updates for Symantec Control Compliance Suite™ Assessment Manager 11.x.

Download SCU 2014-3: CCS_11_x_14_3_Content_Update_Win.exe

MD5: 625ad4af48cfc740ce2e73066838350d

Content added in AM SCU

Content added in AM 11.0 release update

The update for the Assessment Module 11.0 release contains the following new questionnaires:

·  Australian Government Information Security Manual September 2012 Release- Communications Security

·  Australian Government Information Security Manual September 2012 Release- Governance

·  Australian Government Information Security Manual September 2012 Release- IT Security

·  Australian Government Information Security Manual September 2012 Release- Personnel Security

·  Australian Government Information Security Manual September 2012 Release- Physical Security

·  CobiT v5.0

·  COBIT 5.0 view of NIST Cybersecurity Framework

·  CPG 234- Management of Security Risk in Information and Information Technology

·  ISO 27001:2013 view of NIST Cybersecurity Framework

·  ISO 27001:2013

·  NIST Cyber Security Framework

·  NIST SP 800-53 Revision 4 HIGH Baseline

·  NIST SP 800-53 Revision 4 LOW Baseline

·  NIST SP 800-53 Revision 4 MOD Baseline

·  NIST 800-53 REVISION 4 ALL

·  NIST 800-53 REVISION 4 view of NIST Cybersecurity Framework

·  PCI DSS v3.0

·  PPG 235- Managing Data Risk

·  SANS Top 20 Critical Controls- Version 4

·  VMware Hardening Guidelines 5.x Assessment

Content added in AM 11.1 release update

The update for the Assessment Module 11.1 release contains the following new questionnaires:

·  AICPA SOX Assessment - Conducting an Executive Session

·  AICPA SOX Assessment - COSO Framework

·  AICPA SOX Assessment - Evaluation of Internal Audit Team

·  AICPA SOX Assessment - Evaluation of the Independent Auditor

·  AICPA SOX Assessment - Guidelines for Hiring CAE

·  AICPA SOX Assessment - Other Questions for Management

·  AICPA SOX Assessment COSO Framework

·  AICPA Trust Services Principles and Criteria

·  ARRA-HITECH HHS Guidance Unusable PHI

·  ARRA-HITECH Subtitle D--Privacy

·  AUSTRALIAN GOVERNMENT INFORMATION SECURITY MANUAL- Governance

·  AUSTRALIAN GOVERNMENT INFORMATION SECURITY MANUAL- IT Security

·  AUSTRALIAN GOVERNMENT INFORMATION SECURITY MANUAL- Personnel Security

·  AUSTRALIAN GOVERNMENT INFORMATION SECURITY MANUAL- Physical Security

·  Australian Government Information Security Manual September 2012 Release- Communications Security

·  Australian Government Information Security Manual September 2012 Release- Governance

·  Australian Government Information Security Manual September 2012 Release- IT Security

·  Australian Government Information Security Manual September 2012 Release- Personnel Security

·  Australian Government Information Security Manual September 2012 Release- Physical Security

·  Basel II-Business Pandemic Influenza Planning Checklist

·  California: Recommended Practices on Notice of Security Breach Involving Personal Information

·  Child Care and Preschool Pandemic Influenza Planning Checklist

·  China - The Basic Standard for Enterprise Internal Control and Supplemental Guidelines

·  CMS Appendix A CMSR High Impact Level Data - Assessments

·  CMS Appendix A CMSR High Impact Level Data - Controls

·  CobiT 4.0

·  COBIT 5.0 view of NIST Cybersecurity Framework

·  CobiT v4.1

·  Colleges and Universities Pandemic Influenza Planning Checklist

·  Correctional Facilities Pandemic Influenza Planning Checklist

·  COSO ERM - Integrated Framework

·  CPG 234- Management of Security Risk in Information and Information Technology

·  CSA Consensus Assessments Initiative

·  C-TPAT- Importer Self-Assessment Questionnaire

·  C-TPAT- Internal Control Management

·  Cyber-Security Check List

·  DISA STIG - Access Control In Support Of Information Systems

·  DoD Instruction 8500.2 Information Assurance (IA) Implementation-5.7

·  Emergency Medical Services and Non-Emergent (Medical) Transport Organizations Pandemic Influenza Planning Checklist

·  Faith-Based & Community Organizations Pandemic Influenza Preparedness Checklist

·  FCC 47 CFR Part 64 Subpart U - Customer Proprietary Network Information (CPNI)

·  FDA 21 CFR Part 11

·  FDA 21 CFR Part 820

·  FFIEC Authentication in an Internet Banking Environment

·  FFIEC IT Examination Handbook Audit Booklet - APPENDIX A: EXAMINATION PROCEDURES

·  FFIEC IT Examination Handbook Information Security Booklet - APPENDIX A: EXAMINATION PROCEDURES

·  FIEL Guidance for J-SOX for IT

·  FISMA using NIST SP 800-53 rev1 All

·  FISMA using NIST SP 800-53 rev1 High

·  FISMA using NIST SP 800-53 rev1 Low

·  FISMA using NIST SP 800-53 rev1 Moderate

·  FISMA using NIST SP 800-53 rev1 Not Selected

·  GLBA CFTC 17 CFR Part 160 Section 160.30

·  GLBA FDIC 12 CFR Part 364 Appendix B

·  GLBA FRB 12 CFR Part 208 Appendix D-2

·  GLBA FRB 12 CFR Part 225 Appendix F

·  GLBA FTC 16 CFR Part 314

·  GLBA NCUA 12 CFR Part 748 Appendix A and B

·  GLBA OCC 12 CFR Part 30 Appendix B

·  GLBA OTS 12 CFR Part 570 Appendix B

·  GLBA SEC 17 CFR Part 248 Section 248.30

·  Health Insurer Pandemic Influenza Planning Checklist

·  HIPAA Security Standards 45_CFR_Part_164_Subpart_C Security Standards for the Protection of Electronic Protected Health Information

·  Home Health Care Services Pandemic Influenza Planning Checklist

·  Hospital Pandemic Influenza Planning Checklist

·  Identity Theft Red Flags and Address Discrepancies Under the FACT Act FDIC

·  Identity Theft Red Flags and Address Discrepancies Under the FACT Act FRB (Board)

·  Identity Theft Red Flags and Address Discrepancies Under the FACT Act FTC

·  Identity Theft Red Flags and Address Discrepancies Under the FACT Act NCUA

·  Identity Theft Red Flags and Address Discrepancies Under the FACT Act OCC

·  Identity Theft Red Flags and Address Discrepancies Under the FACT Act OTS

·  Interagency Guidelines Establishing Information Security Standards

·  ISO 27001 Information Security Management Systems Requirements

·  ISO 27001:2013

·  ISO 27001:2013 view of NIST Cybersecurity Framework

·  ISO 27002-2005 Assessment

·  ISO 27005-2008

·  ISO 31000-2009

·  ISO-IEC 20000 1-2005

·  ISO-IEC 20000 2-2005

·  IT Control Objectives for Sarbanes-Oxley 2nd Edition

·  IT Control Objectives for SOX - Assessing the Readiness of IT

·  IT Control Objectives for SOX - Company-Level Questionnaire

·  IT Service Management Assessment

·  Law Enforcement Pandemic Influenza Planning Checklist

·  Long-Term Care and Other Residential Facilities Pandemic Influenza Planning Checklist

·  MAS-IBTRMV3

·  Massachusetts: 201 CMR 17.00 - Standards for The Protection of Personal Information of Residents of the Commonwealth

·  Medical Offices and Clinics Pandemic Influenza Planning Checklist

·  NERC 1300 Assessment

·  NERC CIP 002-009

·  NERC CIP 002-009-2

·  NERC CIP-002-4- CIP-009-4

·  NIST 800-53 REVISION 4 ALL

·  NIST 800-53 REVISION 4 view of NIST Cybersecurity Framework

·  NIST 800-66 Rev. 1 - Sample Questions

·  NIST SP 800-122 Appendix A

·  NIST SP 800-30

·  NIST SP 800-53 based on FISMA

·  NIST SP 800-53 rev1 All

·  NIST SP 800-53 rev1 High

·  NIST SP 800-53 rev1 Low

·  NIST SP 800-53 rev1 Moderate

·  NIST SP 800-53 rev1 Not Selected

·  NIST SP 800-53 Revision 3 HIGH Baseline

·  NIST SP 800-53 Revision 3 MODERATE Baseline

·  NIST SP 800-53 Revision 4 HIGH Baseline

·  NIST SP 800-53 Revision 4 LOW Baseline

·  NIST SP 800-53 Revision 4 MOD Baseline

·  NIST SP 800-53A Section I: Assessment Procedures All

·  NIST SP 800-53A Section I: Assessment Procedures HIGH

·  NIST SP 800-53A Section I: Assessment Procedures LOW

·  NIST SP 800-53A Section I: Assessment Procedures MODERATE

·  NIST SP 800-66 Rev. 1

·  OTS Interagency Guidelines Establishing Information Security Standards - Small-Entity Compliance Guide

·  Pandemic Preparedness Planning for US Businesses with Overseas Operations Checklist

·  Payment Card Industry - Data Security Standard Version 1.1

·  Payment Card Industry (PCI) Data Security Standard Requirements, Version 1.2

·  PCI DSS v2.0 Self-Assessment Questionnaire A

·  PCI DSS v2.0 Self-Assessment Questionnaire B

·  PCI DSS v2.0 Self-Assessment Questionnaire C

·  PCI DSS v2.0 Self-Assessment Questionnaire C-VT

·  PCI DSS v3.0

·  PCI SAQ D v2.0

·  Physical Security

·  PPG 235. Managing Data Risk

·  Privacy Impact Assessment Guidelines

·  Recommended Practices on Notice of Security Breach Involving Personal Information (SB1386)

·  SANS Top 20 Critical Controls - Version 4

·  School District (K-12) Pandemic Influenza Planning Checklist

·  Security Assessment Checklist

·  Security Awareness Culture

·  Security Awareness Monthly Quizzes

·  SOX - The IT Dimension

·  SOX Compliance Toolkit - Audit Committee SOX Compliance Checklist

·  SOX Compliance Toolkit - Corporate Governance Compliance Checklist

·  SOX IT based on CobiT 4.0

·  The World Bank Technology Risk Checklist 7.3

·  Travel Industry Pandemic Influenza Planning Checklist

·  TRUSTe Security Guidelines 2.0

·  U.S. Department of Agriculture (USDA) Food Safety and Inspection Service (FSIS) Industry Self-Assessment Checklist for Food Security (Revised April 2005)

·  UK: Data Protection Act 1998

·  VMware Hardening Guidelines 5.x Assessment

·  VMware vSphere 4.1 Security Hardening

For more information about the updates released in this SCU, refer to the Security Content Update 2014-3 Release Notes for CCS AM 11.x.

ReadMe_AM_SCU_2014-3.pdf

Last modified on: December 3, 2014