Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Please note that the current search fields have been adjusted to
reflect NIST SP 800-70 Revision 4.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 783
matching records. Displaying matches 1 through 20.
Name (Version) |
Target |
Authority |
Last Modified |
Resources |
Azure Active Directory - SCuBA (1.0) |
Microsoft Azure Active Directory
|
Cybersecurity and Infrastructure Security Agency (CISA)
|
03/18/2024 |
Machine-Readable Format - Microsoft Azure Active Directory - GitHub
Prose - Azure Active Directory - SCuBA
|
Google Android 14 BYOAD STIG (Y24M03) |
Google Android 14
|
Defense Information Systems Agency
|
03/14/2024 |
Standalone XCCDF 1.1.4 - Google Android 14 BYOAD STIG
|
Power BI - SCuBA (1.0) |
Microsoft SharePoint Online
|
Cybersecurity and Infrastructure Security Agency (CISA)
|
03/13/2024 |
Machine-Readable Format - Microsoft Power BI GitHub Mark down
Prose - Microsoft Power BI
|
Exchange Online - SCuBA (1.0) |
Microsoft Exchange Online
|
Cybersecurity and Infrastructure Security Agency (CISA)
|
03/13/2024 |
Machine-Readable Format - Microsoft Exchange Online - GitHub Markdown
Prose - Microsoft Exchange Online
|
Teams - SCuBA (1.0) |
Microsoft Teams
|
Cybersecurity and Infrastructure Security Agency (CISA)
|
03/13/2024 |
Machine-Readable Format - Microsoft Teams GitHub
Prose - Microsoft Teams
|
SharePoint and OneDrive - SCuBA (1.0) |
Microsoft OneDrive
|
Cybersecurity and Infrastructure Security Agency (CISA)
|
03/13/2024 |
Machine-Readable Format - Microsoft SharePoint & OneDrive GitHub
Prose - Microsoft SharePoint & OneDrive
|
Power Platform - SCuBA (1.0) |
Microsoft Power Apps
|
Cybersecurity and Infrastructure Security Agency (CISA)
|
03/11/2024 |
Machine-Readable Format - Microsoft Power Platform - GitHub
Prose - Microsoft Power Platform
|
Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.37) |
IBM z/OS Version 2, Release 1 IBM z/OS Version 2, Release 2
|
Vanguard Integrity Professionals, Inc.
|
03/08/2024 |
ZIP - Vanguard z/OS RACF Checklist 6.37(PDF version)
ZIP - Vanguard z/OS RACF Checklist 6.37(XML version)
|
Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.38) |
IBM z/OS Version 2.1 IBM z/OS Version 2.2 IBM z/OS Version 2.3
|
Vanguard Integrity Professionals, Inc.
|
03/08/2024 |
ZIP - Vanguard z/OS RACF Checklist 6.38(PDF version)
ZIP - Vanguard z/OS RACF Checklist 6.38(XML version)
|
Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.41) |
IBM Z/OS 2.2 IBM Z/OS 2.3
|
Vanguard Integrity Professionals, Inc.
|
03/08/2024 |
ZIP - Vanguard z/OS RACF Checklist 6.41PDF version)
ZIP - ZIP - Vanguard z/OS RACF Checklist 6.41(XML version)
|
Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.39) |
IBM z/OS Version 2.1 IBM z/OS Version 2.2 IBM z/OS Version 2.3
|
Vanguard Integrity Professionals, Inc.
|
03/08/2024 |
ZIP - Vanguard z/OS RACF Checklist 6.39(PDF version)
ZIP - Vanguard z/OS RACF Checklist 6.39(XML version)
|
Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.40) |
IBM Z/OS 2.2 IBM Z/OS 2.3 IBM z/OS Version 2.1
|
Vanguard Integrity Professionals, Inc.
|
03/08/2024 |
ZIP - Vanguard z/OS RACF Checklist 6.40(PDF version)
ZIP - Vanguard z/OS RACF Checklist 6.40(XML version)
|
Vanguard Configuration Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.36) |
IBM z/OS Version 2, Release 1 IBM z/OS Version 2, Release 2
|
Vanguard Integrity Professionals, Inc.
|
03/08/2024 |
Standalone XCCDF 1.1.4 - Vanguard z/OS RACF Checklist 6.36(XML version)
ZIP - Vanguard z/OS RACF Checklist 6.36(PDF version)
|
Red Hat Enterprise Linux 9 (Ver 1, Rel 2) |
Red Hat Enterprise Linux 9.0
|
Defense Information Systems Agency
|
03/07/2024 |
SCAP 1.3 Content - Red Hat Enterprise Linux 9 Benchmark - Ver 1, Rel 1
Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 9 STIG - Ver 1, Rel 2
|
Exchange 2010 Overview (Version 1, Release 6) |
Microsoft Exchange Server 2010
|
Defense Information Systems Agency
|
03/07/2024 |
Prose - Microsoft Exchange 2010 Overview - Ver 1, Rel 6
|
Exchange 2010 Hub STIG (Version 1, Release 12) |
Microsoft Exchange Server 2010
|
Defense Information Systems Agency
|
03/07/2024 |
Standalone XCCDF 1.1.4 - Microsoft Exchange 2010 Hub STIG - Ver 1, Rel 12
|
Exchange 2010 Edge STIG (Version 1, Release 15) |
Microsoft Exchange Server 2010
|
Defense Information Systems Agency
|
03/07/2024 |
Standalone XCCDF 1.1.4 - Microsoft Exchange 2010 Edge Transport Server STIG - Ver 1, Rel 15
|
Exchange 2010 Client Access STIG (Version 1, Release 9) |
Microsoft Exchange Server 2010
|
Defense Information Systems Agency
|
03/07/2024 |
Standalone XCCDF 1.1.4 - Microsoft Exchange 2010 Client Access STIG - Ver 1, Rel 9
|
Exchange 2010 Mailbox STIG (Version 1, Release 10) |
Microsoft Exchange Server 2010
|
Defense Information Systems Agency
|
03/07/2024 |
Standalone XCCDF 1.1.4 - Microsoft Exchange 2010 Mailbox STIG - Ver 1, Rel 10
|
IBM zSecure Suite STIG (Version 1, Release 1) |
IBM zSecure Suite
|
Defense Information Systems Agency
|
03/07/2024 |
Standalone XCCDF 1.1.4 - IBM zSecure Suite STIG
|
* This checklist is still undergoing review for
inclusion into the NCP.