| 1.1.5 - AirWatch - Enable Erase Data | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.8 - AirWatch - Forget Wi-Fi networks to prevent automatic rejoin | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.9 - AirWatch - Turn off Ask to Join Networks | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.15 - AirWatch - Turn off Personal Hotspot when not needed | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.20 - AirWatch - Enable Find My iPhone/iPad | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.3 - AirWatch - Disable Auto Fill for Contact Information | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.8 - AirWatch - Turn On Private Browsing When Needed | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.6.5 Apply Security Context to Your Pods and Containers | CIS Kubernetes 1.13 Benchmark v1.4.1 L2 | Unix | |
| 2.1.1.1 Audit iCloud Keychain | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.1 - MobileIron - Enable Prevent Move for Sensitive Mail Accounts - EMAIL Configurations | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.6.2.1 Audit Full Disk Access for Applications | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.7.2 Audit iPhone Mirroring | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.9 Ensure Legacy EFI Is Valid and Updating | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.9.1.1 Ensure the OS Is Not Active When Resuming from Standby (Intel) | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.12 Audit Touch ID and Wallet & Apple Pay Settings | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION |
| 2.15 Audit Touch ID and Wallet & Apple Pay Settings | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Audit Software Inventory | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 5.9 Ensure Legacy EFI Is Valid and Updating | CIS Apple macOS 13.0 Ventura v3.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| AIOS-13-013500 - Apple iOS/iPadOS must disable password sharing. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-011800 - Apple iOS/iPadOS 15 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-013000 - Apple iOS/iPadOS 17 must disable password sharing. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-17-013000 - Apple iOS/iPadOS 17 must disable password sharing. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-15-002024 - The macOS system must disable sending search data from Spotlight to Apple. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| Intel hibernatemode | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | |
| Intel highstandbythreshold | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | |
| launchctl | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | |
