| AIOS-01-080002 - Apple iOS must lock the display after 15 minutes (or less) of inactivity. | ACCESS CONTROL |
| AIOS-01-080004 - Apple iOS must enforce a minimum password length of six characters. | IDENTIFICATION AND AUTHENTICATION |
| AIOS-01-080005 - Apple iOS must not allow more than 10 consecutive failed authentication attempts. | ACCESS CONTROL |
| AIOS-01-080006 - Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted. | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-01-080007 - Apple iOS must not allow passwords that include more than two repeating or sequential characters. | CONFIGURATION MANAGEMENT |
| AIOS-01-100100 - Apple iOS must be configured to wipe all sensitive DoD data and PII data during a remote wipe command from the MDM server. | CONFIGURATION MANAGEMENT |
| AIOS-02-080002 - Apple iOS must not allow backup to remote systems (iCloud). | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080003 - Apple iOS must not allow backup to remote systems (iCloud document and data synchronization). | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080004 - Apple iOS must not allow backup to remote systems (iCloud Keychain). | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080005 - Apple iOS must not allow backup to remote systems (My Photo Stream). | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080006 - Apple iOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams). | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080007 - Apple iOS must disable automatic transfer of diagnostic data to an external device other than an enrolled MDM service. | CONFIGURATION MANAGEMENT |
| AIOS-02-080008 - Apple iOS must implement the management setting: limit Ad Tracking. | CONFIGURATION MANAGEMENT |
| AIOS-02-080009 - Apple iOS must not display notifications when the device is locked. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080010 - Apple iOS must not display notifications (calendar information) when the device is locked. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080011 - Apple iOS must not include applications with the following characteristics: Siri when the device is locked. | CONFIGURATION MANAGEMENT |
| AIOS-02-080012 - Apple iOS must not include applications with the following: Voice dialing application if available when MD is locked. | CONFIGURATION MANAGEMENT |
| AIOS-02-080013 - Apple iOS must be configured to disable Touch ID. | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| AIOS-02-080014 - Apple iOS must not allow non-DoD applications to access DoD data. | CONFIGURATION MANAGEMENT |
| AIOS-02-080016 - Apple iOS must implement the management setting: not allow automatic completion of Safari browser passcodes. | CONFIGURATION MANAGEMENT |
| AIOS-02-080017 - Apple iOS must implement the management setting: Encrypt iTunes backups. | CONFIGURATION MANAGEMENT |
| AIOS-02-080101 - Apple iOS must not allow backup to remote systems (enterprise books). | CONFIGURATION MANAGEMENT |
| AIOS-02-080102 - Apple iOS must implement the management setting: not allow use of Handoff. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-080103 - Apple iOS must not allow backup to remote systems (managed applications data stored in iCloud). | CONFIGURATION MANAGEMENT |
| AIOS-02-080104 - Apple iOS must implement the management setting: require password when connecting to AirPlay device for the first time. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-02-090100 - Apple iOS must implement the management setting: Disable Allow MailDrop. | CONFIGURATION MANAGEMENT |
| AIOS-02-090101 - Apple iOS must implement the management setting: Disable Allow iCloud Photo Library. | CONFIGURATION MANAGEMENT |
| AIOS-02-090103 - Apple iOS device must have the latest available iOS operating system installed. | CONFIGURATION MANAGEMENT |
| AIOS-03-080101 - Apple iOS must implement the management setting: use SSL for Exchange ActiveSync. | CONFIGURATION MANAGEMENT |
| AIOS-03-080102 - Apple iOS must implement the management setting: not allow Exchange messages to be forwarded or moved to other accounts. | CONFIGURATION MANAGEMENT |
| AIOS-05-080001 - Apple iOS must implement the management setting: Treat Airdrop as an unmanaged destination. | CONFIGURATION MANAGEMENT |
| AIOS-05-080101 - Apple iOS must implement the management setting: not have any Family Members in Family Sharing. | CONFIGURATION MANAGEMENT |
| AIOS-05-080102 - Apple iOS must implement the management setting: not share location data through iCloud. | CONFIGURATION MANAGEMENT |
| AIOS-10-080102 - Apple iOS must implement the management setting: remove managed applications upon unenrollment from MDM. | CONFIGURATION MANAGEMENT |
| AIOS-10-080103 - Apple iOS must implement the management setting: not allow user to remove profiles that enforce DoD security requirements. | CONFIGURATION MANAGEMENT |
| AIOS-11-080201 - Apple iOS must not allow backup to locally connected systems. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-11-080202 - Apple iOS must wipe protected or sensitive data upon unenrollment from MDM. | CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| AIOS-11-080203 - Apple iOS must implement the management setting: force Apple Watch wrist detection. | CONFIGURATION MANAGEMENT |
| AIOS-98-080208 - Before establishing a user session, display an administrator-specified advisory notice and consent warning banner. | CONFIGURATION MANAGEMENT |
