>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SM-29Availability Monitoring Alert Criteria

>Control Description

Organization defines availability monitoring alert criteria, how alert criteria will be flagged, and identifies authorized personnel for flagged system alerts.

Theme

Process

Type

Corrective

Policy/Standard

Logging & Monitoring Standard

>Implementation Guidance

1. Ensure that a documented Availability Monitoring Standard is present including requirements defined for responding to alerts and confirmed incidents. 2. Establish a process to ensure that the availability monitoring rules are defined and implemented to flag events, and notify authorized personnel. 3. Ensure that the system configurations of monitoring tools include Availability Monitoring Alert Criteria.

>Testing Procedure

1. Inspect Organization's Availability Monitoring Standard to determine whether requirements for availability monitoring alert criteria are defined. 2. Inspect availability monitoring tool to determine whether availability monitoring rules are defined and implemented to flag events, and notify authorized personnel. 3. Inspect system configurations of monitoring tools for a sample of services to determine whether Availability Monitoring Alert Criteria are configured for monitoring and alerting purposes on in-scope systems.

>Audit Artifacts

E-SM-22
E-SM-23
E-SM-24

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

NIST CSF
2

DE.AE-5
PR.DS-4

FedRAMP Rev 5
1

SI-05

PCI DSS
4

10.4 10.4.1
10.4.1.1
10.4.2
10.4.2.1

SOC 2
3

CC3.1
CC7.2
A1.1

BSI C5
4

OPS-01
OPS-02
OPS-09
PS-02

TX-RAMP
1

SI-5

Ask AI

Configure your API key to use AI features.