Demo · sample data, not for production use · request the real tool →

CC7.2

Monitors system components and the operation of those components

SecurityImplementedSecurity (Common Criteria)

Control description

AICPA Trust Services Criteria

The entity monitors system components and the operation of those components for anomalies that are indicative of malicious acts, natural disasters, and errors affecting the entity's ability to meet its objectives.

Auditor test plan

How this is tested during the audit

Auditor reviews the SIEM detection-rule library, sample alerts and triage notes, and the on-call escalation runbook.

Evidence

1 item attached to this control

Open vault →
  • ZIP

    siem-detection-rules-v12.zip

    sha256:0000000000000000… · 1.8 MB · 6d ago

Last reviewed
6d
Within 180-day window
Evidence on file
4

Owner

DS
Director, Security
Accountable for design + operating effectiveness

Status timeline

Recent control history

  1. Last reviewed by Director, Security

    6d ago

  2. Status set to implemented

    36d ago

  3. Initial control design approved

    96d ago