>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

VM-19External Alerts and Advisories

>Control Description

Organization reviews alerts and advisories from management approved security forums and communicates verified threats to authorized personnel.

Theme

Process

Type

Preventive

Policy/Standard

Incident Management Policy

>Implementation Guidance

1. Ensure that a process has been defined and documented to review alerts and advisories from approved security forums. 2. Ensure that management reviews the list of approved security forums and updates accordingly. 3. Ensure all verified threats are communicated to authorized personnel and tracked to resolution

>Testing Procedure

1. Inspect and validate that a process has been defined and documented to review alerts and advisories from approved security forums. 2. Validate whether the management reviews the list of approved security forums and updates accordingly using last update evidence. 3. Validate communication and resolution evidence for a sample of verified threats.

>Audit Artifacts

E-IR-02
E-VM-18
E-VM-19

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

ISO 27002:2022
2

5.5
5.6

PCI DSS
1

6.3.1

BSI C5
1

OIS-05

Ask AI

Configure your API key to use AI features.