Eleos | Home

Logging and Monitoring (LOG)

Failures and Anomalies Reporting

Level N/A

Define, implement and evaluate processes, procedures and technical measures for the reporting of anomalies and failures of the monitoring system and provide immediate notification to the accountable party.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-13

Related

Compliance Framework

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

CIS v8.0

Control Number

6.8

AU-5

AU-5(2)

AU-6

AU-6(3)

AU-6(4)

AU-6(5)

AU-16

DE.DP-3

DE.DP-4

MON-05

MON-05.1

MON-06

MON-11.2

MON-11.3

MON-16.3

8.11

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Security Incident Management Policy and Procedures

Level N/A

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for Security Incident Management, E-Discovery, and Cloud Forensics. Review and update the policies and procedures at least annually.

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-01

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

17.4

IR-1

IR-2

IR-2(1)

IR-4

IR-4(12)

IR-4(14)

PM-1

PM-12

ID.GV-1

PR.IP-9

PR.IP-10

RS.CO-4

RS.IM-2

GOV-02

GOV-03

IRO-01

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Service Management Policy and Procedures

Level N/A

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the timely management of security incidents. Review and update the policies and procedures at least annually.

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-02

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

17.4

PM-1

PM-6

IR-4

IR-4(6)

IR-4(9)

IR-4(14)

ID.GV-1

PR.IP-9

DE.AE-5

RS.CO-1

RS.CO-2

GOV-02

GOV-03

IRO-01

IRO-10.4

IRO-11.2

TPM-01

TPM-05

TPM-09

TPM-11

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Incident Response Plans

Level N/A

'Establish, document, approve, communicate, apply, evaluate and maintain a security incident response plan, which includes but is not limited to: relevant internal departments, impacted CSCs, and other business critical relationships (such as supply-chain) that may be impacted.'

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-03

Related

Compliance Framework

CIS v8.0

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

17.2

17.4

5.26

IR-1

IR-2

IR-2(1)

IR-2(2)

IR-2(3)

IR-3

IR-3(1)

IR-3(2)

IR-3(3)

IR-4

IR-4(1)

IR-4(2)

IR-4(3)

IR-4(4)

IR-4(5)

IR-4(6)

IR-4(7)

IR-4(8)

IR-4(9)

IR-4(10)

IR-4(12)

IR-4(14)

IR-4(15)

IR-5

IR-5(1)

IR-6

IR-6(1)

IR-6(2)

IR-6(3)

IR-7

IR-7(1)

IR-7(2)

IR-8

IR-8(1)

IR-9

IR-9(1)

IR-9(2)

IR-9(3)

IR-9(4)

PM-12

RS.CO-1

RS.CO-4

ID.AM-6

ID.GV-2

ID.SC-5

PR.IP-9

IRO-02

IRO-04

IRO-10.4

IRO-11.2

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Incident Response Testing

Level N/A

Test and update as necessary incident response plans at planned intervals or upon significant organizational or environmental changes for effectiveness.

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-04

Related

Compliance Framework

CIS v8.0

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

17.7

5.36

IR-2

IR-2(1)

IR-2(2)

IR-2(3)

IR-3

IR-3(1)

IR-3(2)

IR-3(3)

IR-8

IR-9

IR-9(2)

PR.IP-9

PR.IP-10

ID.SC-5

RS.IM-1

RS.IM-2

IRO-05.1

IRO-06

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Incident Response Metrics

Level N/A

Establish and monitor information security incident metrics.

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-05

Related

Compliance Framework

CIS v8.0

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

17.9

5.24

CA-7

CA-7(3)

CA-7(4)

IR-5

IR-4

IR-6(2)

IR-6(3)

PM-6

PM-31

RS.CO-2

RS.CO-3

GOV-05

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Event Triage Processes

Level N/A

Define, implement and evaluate processes, procedures and technical measures supporting business processes to triage security-related events.

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-06

Related

Compliance Framework

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

CIS v8.0

Control Number

CA-7

CA-7(3)

CA-7(4)

CA-7(5)

CA-7(6)

IR-4

IR-4(1)

IR-4(3)

IR-4(4)

DE.AE-1

DE.AE-2

DE.AE-4

RS.RP-1

RS.AN-2

IRO-02

IRO-12

TPM-09

TPM-11

17.4

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Security Breach Notification

Level N/A

Define and implement, processes, procedures and technical measures for security breach notifications. Report security breaches and assumed security breaches including any relevant supply chain breaches, as per applicable SLAs, laws and regulations.

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-07

Related

Compliance Framework

CIS v8.0

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

17.2

17.3

17.4

5.19

5.22

5.23

5.26

AU-13

AU-13(1)

AU-13(2)

AU-13(3)

IR-4

IR-4(15)

IR-6

IR-6(1)

IR-6(2)

IR-6(3)

PM-21

PM-23

RS.CO-2

RS.CO-3

RS.CO-4

IRO-10

IRO-10.2

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Security Incident Management and E-Discovery and Cloud Forensics (SEF)

Points of Contact Maintenance

Level N/A

Maintain points of contact for applicable regulation authorities, national and local law enforcement, and other legal jurisdictional authorities.

Parent

Compliance Framework

CCM v4.0.10

Control Number

SEF-08

Related

Compliance Framework

CIS v8.0

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

17.2

5.24

IR-4

IR-4(8)

IR-6

IR-6(3)

IR-7

IR-7(2)

PM-21

PM-23

PM-26

ID.GV-2

RS.CO-3

RS.CO-4

IRO-14

Solutions
Community

Title

Assigned to following Frameworks

+ add Assigned

Created on

2024, December 23

Task

Supply Chain Management and Transparency and Accountability (STA)

SSRM Policy and Procedures

Level N/A

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the application of the Shared Security Responsibility Model (SSRM) within the organization. Review and update the policies and procedures at least annually.

Parent

Compliance Framework

CCM v4.0.10

Control Number

STA-01

Related

Compliance Framework

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number