You must provide the policy and procedure documents for this audit. The Designs Detection Measures point of focus requires you to demonstrate that detection measures are designed to identify anomalies that could result from actual or attempted (1) compromise of physical barriers (2) unauthorized actions of authorized personnel (3) use of compromised identification and authentication credentials (4) unauthorized access from outside the system boundaries (5) compromise of authorized external parties and (6) implementation or connection of unauthorized hardware and software.Īlert Logic does not provide data for this point of focus. Procedures may include (1) a defined governance process for security event detection and management that includes provision of resources (2) use of intelligence sources to identify newly discovered threats and vulnerabilities and (3) logging of unusual system activities.Īlert Logic does not provide data for this point of focus. Implements Detection Policies, Procedures, and Tools point of focus requires you to demonstrate that detection policies and procedures are defined and implemented and detection tools are implemented on infrastructure and software to identify anomalies in the operation or unusual activity on systems. Implements Detection Policies, Procedures, and Tools This criteria requires that the entity monitors system components and the operation of those components for anomalies that are indicative of malicious acts, natural disasters, and errors affecting the entity's ability to meet its objectives anomalies are analyzed to determine whether they represent security events. This report also provides access to monitored network traffic for security events, and monitored logs and network traffic for security events in the Health page. You have direct access to reports related to security anomalies and data for security events that were detected across your environment. This report provides access to features in the Alert Logic console that help you demonstrate compliance with CC7.2. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications. Click the drop-down menu in the filter, and then select or clear values.Īfter you finish setting up the report, you can use SCHEDULE THIS REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated.Filter the report using drop-down menusīy default, Alert Logic includes (All) filter values in the report. To refine your findings, you can filter your report by date range and customer account. Available Documentation and Artifacts describes, and contains links to, the documentation and compliance artifacts that can demonstrate compliance with each point of focus. Points of Focus lists points of focus, specifically related to all engagements using the trust services criteria, that highlight important characteristics relating to CC7.2. The report summary page displays two columns. Click SOC 2 CC7.2 Security Event and Anomaly Detection.Click Reports, and then click Compliance.In the Alert Logic console, click the menu icon ( ), and then click Validate.To access the SOC 2 CC7.2 Security Event and Anomaly Detection report: The SOC 2 CC7.2 Security Event and Anomaly Detection report describes how to access security event and threat response reporting features in the Alert Logic console that help demonstrate compliance with Common Criteria (CC) 7.2. The SOC 2 Audit Reports provide documentation to help demonstrate compliance with the Trust Services Criteria established by the American Institute of Certified Public Accountants (AICPA). SOC 2 Common Criteria 7.2 Security Event and Anomaly Detection
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |