Alert [personnel or roles to be alerted when indications of inappropriate or unusual activity with security or privacy implications occur is/are defined;] using [automated mechanisms used to alert personnel or roles are defined;] when the following indications of inappropriate or unusual activities with security or privacy implications occur: [activities that trigger alerts to personnel or are defined;].
Supplemental
Organizational personnel on the system alert notification list include system administrators, mission or business owners, system owners, senior agency information security officer, senior agency official for privacy, system security officers, or privacy officers. Automated organization-generated alerts are the security alerts generated by organizations and transmitted using automated means. The sources for organization-generated alerts are focused on other entities such as suspicious activity reports and reports on potential insider threats. In contrast to alerts generated by the organization, alerts generated by the system in [SI-4(5)](#si-4.5) focus on information sources that are internal to the systems, such as audit records.