SOC 2 - Reports and Reporting Packages
Summary Reports
Reports | SOC 2 Controls Applicable | Data Source | Intelligent Indexing | Classification | Log Sources |
|---|---|---|---|---|---|
CCF: Access Failure Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Audit | All Available Log Sources |
CCF: Access Success Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Audit | All Available Log Sources |
CCF: Account Deleted Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Audit | All Available Log Sources |
CCF: Account Disabled Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | LogMart | No | Audit | All Available Log Sources |
CCF: Account Enabled Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Audit | All Available Log Sources |
CCF: Account Modification Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Audit | All Available Log Sources |
CCF: Applications Accessed By User Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | No | Operations | All Available Log Sources |
CCF: Audit Log Summary | 3.4.04, 4.1.01, 4.1.08, 4.2.02, 5.1.06, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.1.09, 6.1.10, 6.2.01, 6.2.03, 6.3.03, 6.7.02, 6.7.04, 6.8.02, 6.8.03, 6.8.04, 6.8.05, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, 8.1.14, C1.1.02, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Audit | All Available Log Sources |
CCF: Auth Failure Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Audit | All Available Log Sources |
CCF: Auth Success Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Audit | All Available Log Sources |
CCF: Backup Activity Summary | 5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.05, 7.4.11, 7.5.01, 7.5.02, A1.2.08, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | No | Operations | All Available Log Sources |
CCF: Compromises Detected Summary | 5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | LogMart | Yes | Security | All Available Log Sources |
CCF: Config/Policy Change Summary | 3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | LogMart | Yes | Audit | All Available Log Sources |
CCF: Critical Environment Error Summary | 3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Operations | All Available Log Sources |
CCF: GeoIP Summary | 5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Security | All Available Log Sources |
CCF: LogRhythm Data Loss Defender Log Summary | 5.2.02, 6.1.09, 6.1.10, 6.7.02, 6.7.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, 8.1.14, C1.1.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | LogMart | Yes | Operations | All Available Log Sources |
CCF: Malware Detected Summary | 5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Security | All Available Log Sources |
CCF: Object Access Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | No | Audit | All Available Log Sources |
CCF: Patch Activity Summary | 3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | Yes | Operations | All Available Log Sources |
CCF: Physical Access Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 6.4.02, 6.4.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Audit | All Available Log Sources |
CCF: Priv Account Management Activity Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | Yes | Audit | All Available Log Sources |
CCF: Priv Authentication Activity Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Audit | All Available Log Sources |
CCF: Rogue Access Point Summary | 5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Security | All Available Log Sources |
CCF: Signature Activity Summary | 3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | LogMart | Yes | Operations | All Available Log Sources |
CCF: Social Media Summary | 5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Audit | All Available Log Sources |
CCF: Suspected Wireless Attack Summary | 5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Security | All Available Log Sources |
CCF: Term Account Activity Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.02, 6.3.02, 6.3.03, 6.4.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | Yes | Audit | All Available Log Sources |
CCF: Time Sync Error Summary | 3.4.04, 4.1.01, 4.1.08, 4.2.02, 4.2.03, 5.1.06, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.1.09, 6.1.10, 6.2.01, 6.3.03, 6.7.02, 6.7.04, 6.8.02, 6.8.03, 6.8.04, 6.8.05, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, 8.1.14, C1.1.02, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Operations | All Available Log Sources |
CCF: Top Suspicious Users | 5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | Yes | Security | All Available Log Sources |
CCF: Use Of Non- Encrypted Protocols Summary | 5.2.02, 6.1.09, 6.1.10, 6.7.02, 6.7.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, 8.1.14, C1.1.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | LogMart | Yes | Audit | All Available Log Sources |
CCF: User Misuse Summary | 5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | No | Security | All Available Log Sources |
CCF: User Object Access Summary | 4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | Yes | Audit | All Available Log Sources |
CCF: User Priv Escalation (SU & SUDO) Summary | 5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Data Processor(s) | Yes | Audit | All Available Log Sources |
CCF: User Priv Escalation (Windows) Summary | 5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Audit | All Available Log Sources |
CCF: Vulnerability Detected Summary | 5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.08, 7.4.09, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06 | Platform Manager | Yes | Security | All Available Log Sources |
Detailed Reports
The Intelligent Indexing settings are recommendations. The default configuration is No.
Report Name | Report Description | Control Support | Data Source | Intelligent Indexing | Classification | Log Sources | Report ID |
|---|---|---|---|---|---|---|---|
| CCF: Account Deleted Summary | This report provides detailed information when an account has access revoked (deleted) across any logged environments. This should align with the organization's policies regarding deleted accounts. | Platform Manager | Yes | Audit | All Available Log Sources | 2086 | |
| CCF: Account Enabled Summary | This report provides detailed information when an account has access granted across any logged environments. This should align with the organization's policies regarding enabled accounts. | Platform Manager | Yes | Audit | All Available Log Sources | 2085 | |
| CCF: Account Modification Summary | This report provides summary information around account modifications across all logged environments. | Platform Manager | Yes | Audit | All Available Log Sources | 2092 | |
CCF: Host Access Granted And Revoked Detail | This report details all access granted and revoked for production systems. | Data Processor(s) | Yes | Audit | All Available Log Sources | 2065 | |
CCF: Unknown User Account Detail | This report provides details of activity from unknown user accounts, based off CCF user lists. | Data Processor(s) | Yes | Security | All Available Log Sources | 2071 |
Reporting Packages
Report Package Name | Report Package Description | Report Package ID |
|---|---|---|
CCF: Daily IT Operations Reporting Package | This reporting package is a template to deliver pertinent content for IT Operations on a daily basis. | 89 |
CCF: Daily IT Security Reporting Package | This reporting package is a template to deliver pertinent content for IT Security on a daily basis. | 90 |
CCF: Executive Reporting Package | This reporting package is a template to deliver pertinent content for Executives on a monthly basis. | 87 |
CCF: Weekly Audit Reporting Package | This reporting package is a template to deliver pertinent content for Internal and/or External Audit groups on a weekly basis. | 88 |
*SOC 2 Control Key | |
|---|---|
Control Format | Definition |
| xx.xx.xx | Common Criteria 1-9, Criteria Description, Point of Focus |
| Ax.xx.xx | Availability Criteria, Criteria Description, Description, Point of Focus |
| Cx.xx.xx | Confidentiality Criteria, Criteria Description, Point of Focus |
| PIx.xx.xx | Processing Integrity Criteria, Criteria Description, Point of Focus |
| Px.xx.xx | Privacy Criteria, Criteria Description, Point of Focus |