
SM-25 System Security Monitoring

>Control Description

Critical systems are monitored in accordance with predefined security criteria and alerts are sent to authorized personnel. Confirmed incidents are tracked to resolution.

Theme

Process

Type

Detective

Policy/Standard

Logging & Monitoring Standard

>Implementation Guidance

1. Ensure that Organization's Security Monitoring Standard includes requirements for responding to flagged system alerts and confirmed incidents.
2. Configure security monitoring tool to ensure that critical information system activity is monitored.
3. Ensure that the events are triaged and resolved by authorized personnel as applicable.

>Testing Procedure

1. Inspect Organization's Security Monitoring Standard to determine whether requirements are defined for responding to flagged system alerts and confirmed incidents.
2. For a sample of services, inspect security monitoring tool to determine whether critical information system activity is monitored.
3. Inspect a sample of security events to determine whether the events are triaged and resolved by authorized personnel as applicable.

>Audit Artifacts

E-SM-10
E-SM-19

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.
