After you install the Knowledge Base, the ISO 27001 Compliance Automation Suite should be ready to configure. This section shows how to verify that the ISO 27001 Compliance Automation Suite has been installed properly. Because the suite is built around the Consolidated Compliance Framework (CCF) methodology, it uses CCF content. Use scope definition, system inventory, data classification, and audit evidence to build out the Entity Structure and populate the related lists.
Intelligent Indexing allows Reports, Investigations, and Tails to keep the appropriate log data online in the Log Manager/Data Processor. Take care when choosing which objects to enable Intelligent Indexing for, because broad criteria can keep an exceptional amount of data online and overwhelm the Log Manager/Data Processor. For events that are less mission critical or that become 'noisy', this feature can be applied to further streamline and prioritize incoming log data.
Select, verify, and populate the thirty-seven (38) total Lists contained in the List Manager. The Lists are available in the CCF documentation.
Lists should be established based on the content that is enabled (see the following three sections).
Check AIE Rules
Verify sixty-nine (69) AI Engine Rules are contained in the Advanced Intelligence (AI) Engine Rule Manager found in the Deployment Manager.
Verify thirty-three (33) Investigations are contained in the LogRhythm Client Console.
Verify thirty-seven (37) Reports and four (4) Reporting Packages are contained in the Reports tab of the Report Center.