Australian Signals Directorate (ASD) Information Security User Guide
This section highlights some key reporting capabilities contained within the ASD Compliance Automation Suite. LogRhythm has adopted the Consolidated Compliance Framework (CCF) approach to find common control approaches across various frameworks. This approach has been applied to the ASD Compliance Automation Suite to help organizations streamline compliance objectives. All objects associated with this module follow the ‘CCF: XXX’ naming convention and utilize a restricted view to allow only those appropriate individuals to see ASD-ISM specific content.
New profiles can be created for the Global Administrator, Global Analyst, Restricted Administrator, Restricted Analyst, and Web Service Administrator security roles. The security roles enable the administrator to assign access to specific objects within the Entity to individual users. For example, many Restricted Analysts can be given access to Entity A, but not access to the same Log Sources within Entity A. Restricted Analyst 1 can have access to Log Sources 1, 2, and 3 on Entity A, while Restricted Analyst 2 has access to Log Sources 4, 5, and 6 on Entity A. This allows the organization to limit access to data and compliance content according to compliance needs.
As the organization identifies the need for a compliance module, in this instance ASD-ISM, it is important to consider where the organization is along the Compliance Maturity Module. How mature the organization is determines what key resources are available to better align the ASD Compliance Automation Suite deployment with your compliance program. As the organization matures and key internal resources are established, the organization can easily pivot from a strong compliance base to establish strong security practices.
The guide is divided into the following sections: