CCI-001275
CCI-001275 Definition
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if [SI-04(12)_ODP[01]; personnel or roles to be alerted when indications of inappropriate or unusual activity with security or privacy implications occur is/are defined] is/are alerted using [SI-04(12)_ODP[02]; automated mechanisms used to alert personnel or roles are defined] when [SI-04(12)_ODP[03]; activities that trigger alerts to personnel or are defined] indicate inappropriate or unusual activities with security or privacy implications.
Validation Procedures
Examine: [SELECT FROM: System and information integrity policy; system and information integrity procedures; procedures addressing system monitoring tools and techniques; system design documentation; system monitoring tools and techniques documentation; system configuration settings and associated documentation; list of inappropriate or unusual activities with security and privacy implications that trigger alerts; suspicious activity reports; alerts provided to security and privacy personnel; system monitoring logs or records; system audit records; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security and privacy responsibilities; system developers; organizational personnel installing, configuring, and/or maintaining the system; organizational personnel responsible for monitoring the system; organizational personnel responsible for the intrusion detection system]. Test: [SELECT FROM: Organizational processes for intrusion detection and system monitoring; automated mechanisms supporting and/or implementing intrusion detection and system monitoring capabilities; automated mechanisms supporting and/or implementing automated alerts to security personnel].