SI.L2-3.14.3—Security Alerts & Advisories
Level 2
800-171: 3.14.3
Control Description
Monitor system security alerts and advisories and take action in response.
Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- What is your policy for monitoring security alerts and advisories?
- What sources do you monitor for security alerts (US-CERT, vendors, etc.)?
- Who is responsible for reviewing security alerts?
- What is your process for assessing and responding to security advisories?
- How do you track response to security alerts?
Technical Implementation:
- What alert feeds do you subscribe to (US-CERT, vendor bulletins)?
- What tools aggregate security alerts?
- What ticketing systems track alert response?
- What automated alerting notifies responsible personnel?
- What dashboards show alert response status?
Evidence & Documentation:
- What patch management reports show timely patching?
- What anti-malware deployment and update reports can you provide?
- What malware scan reports and logs can you show?
- What security monitoring reports demonstrate monitoring is occurring?
- What security alert tracking shows alerts are reviewed and acted upon?
- What incident detection logs demonstrate security monitoring?
- What patch testing procedures can you provide?