SOC 2 - Reports and Reporting Packages

CCF: Access Failure Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Audit

All Available Log Sources

CCF: Access Success Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Audit

All Available Log Sources

CCF: Account Deleted Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Audit

All Available Log Sources

CCF: Account Disabled Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

LogMart

No

Audit

All Available Log Sources

CCF: Account Enabled Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Audit

All Available Log Sources

CCF: Account Modification Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Audit

All Available Log Sources

CCF: Applications Accessed By User Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

No

Operations

All Available Log Sources

CCF: Audit Log Summary

3.4.04, 4.1.01, 4.1.08, 4.2.02, 5.1.06, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.1.09, 6.1.10, 6.2.01, 6.2.03, 6.3.03, 6.7.02, 6.7.04, 6.8.02, 6.8.03, 6.8.04, 6.8.05, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, 8.1.14, C1.1.02, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Audit

All Available Log Sources

CCF: Auth Failure Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Audit

All Available Log Sources

CCF: Auth Success Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Audit

All Available Log Sources

CCF: Backup Activity Summary

5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.05, 7.4.11, 7.5.01, 7.5.02, A1.2.08, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

No

Operations

All Available Log Sources

CCF: Compromises Detected Summary

5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

LogMart

Yes

Security

All Available Log Sources

CCF: Config/Policy Change Summary

3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

LogMart

Yes

Audit

All Available Log Sources

CCF: Critical Environment Error Summary

3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Operations

All Available Log Sources

CCF: GeoIP Summary

5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Security

All Available Log Sources

CCF: LogRhythm Data Loss Defender Log Summary

5.2.02, 6.1.09, 6.1.10, 6.7.02, 6.7.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, 8.1.14, C1.1.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

LogMart

Yes

Operations

All Available Log Sources

CCF: Malware Detected Summary

5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Security

All Available Log Sources

CCF: Object Access Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

No

Audit

All Available Log Sources

CCF: Patch Activity Summary

3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

Yes

Operations

All Available Log Sources

CCF: Physical Access Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 6.4.02, 6.4.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Audit

All Available Log Sources

CCF: Priv Account Management Activity Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

Yes

Audit

All Available Log Sources

CCF: Priv Authentication Activity Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Audit

All Available Log Sources

CCF: Rogue Access Point Summary

5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Security

All Available Log Sources

CCF: Signature Activity Summary

3.4.04, 5.1.06, 5.2.02, 6.8.02, 6.8.03, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

LogMart

Yes

Operations

All Available Log Sources

CCF: Social Media Summary

5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Audit

All Available Log Sources

CCF: Suspected Wireless Attack Summary

5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Security

All Available Log Sources

CCF: Term Account Activity Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.02, 6.3.02, 6.3.03, 6.4.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

Yes

Audit

All Available Log Sources

CCF: Time Sync Error Summary

3.4.04, 4.1.01, 4.1.08, 4.2.02, 4.2.03, 5.1.06, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.1.09, 6.1.10, 6.2.01, 6.3.03, 6.7.02, 6.7.04, 6.8.02, 6.8.03, 6.8.04, 6.8.05, 7.1.01, 7.1.03, 7.1.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, 8.1.01, 8.1.05, 8.1.10, 8.1.11, 8.1.12, 8.1.14, C1.1.02, PI1.3.03, PI1.5.01, PI1.5.02, PI1.5.03, PI1.5.04, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Operations

All Available Log Sources

CCF: Top Suspicious Users

5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

Yes

Security

All Available Log Sources

CCF: Use Of Non- Encrypted Protocols Summary

5.2.02, 6.1.09, 6.1.10, 6.7.02, 6.7.04, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, 8.1.14, C1.1.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

LogMart

Yes

Audit

All Available Log Sources

CCF: User Misuse Summary

5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

No

Security

All Available Log Sources

CCF: User Object Access Summary

4.1.01, 4.1.08, 4.2.02, 5.2.02, 5.2.03, 6.1.02, 6.1.03, 6.1.04, 6.1.05, 6.1.06, 6.1.07, 6.1.08, 6.2.01, 6.2.03, 6.3.03, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.01, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

Yes

Audit

All Available Log Sources

CCF: User Priv Escalation (SU & SUDO) Summary

5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Data Processor(s)

Yes

Audit

All Available Log Sources

CCF: User Priv Escalation (Windows) Summary

5.2.02, 7.2.01, 7.2.02, 7.3.02, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Audit

All Available Log Sources

CCF: Vulnerability Detected Summary

5.2.02, 6.8.04, 6.8.05, 7.2.01, 7.2.02, 7.3.02, 7.4.08, 7.4.09, 7.4.11, 7.5.02, P6.5.02, P6.6.01, P6.6.02, P8.1.05, P8.1.06

Platform Manager

Yes

Security

All Available Log Sources

CCF: Account Deleted Summary

This report provides detailed information when an account has access revoked (deleted) across any logged environments. This should align with the organization's policies regarding deleted accounts.

Platform Manager

Yes

Audit

All Available Log Sources

2086

CCF: Account Enabled Summary

This report provides detailed information when an account has access granted across any logged environments. This should align with the organization's policies regarding enabled accounts.

Platform Manager

Yes

Audit

All Available Log Sources

2085

CCF: Account Modification Summary

This report provides summary information around account modifications across all logged environments.

Platform Manager

Yes

Audit

All Available Log Sources

2092

CCF: Host Access Granted And Revoked Detail

This report details all access granted and revoked for production systems.

Data Processor(s)

Yes

Audit

All Available Log Sources

2065

CCF: Unknown User Account Detail

This report provides details of activity from unknown user accounts, based off CCF user lists.

Data Processor(s)

Yes

Security

All Available Log Sources

2071

CCF: Daily IT Operations Reporting Package

This reporting package is a template to deliver pertinent content for IT Operations on a daily basis.

89

CCF: Daily IT Security Reporting Package

This reporting package is a template to deliver pertinent content for IT Security on a daily basis.

90

CCF: Executive Reporting Package

This reporting package is a template to deliver pertinent content for Executives on a monthly basis.

87

CCF: Weekly Audit Reporting Package

This reporting package is a template to deliver pertinent content for Internal and/or External Audit groups on a weekly basis.

88

xx.xx.xx

Common Criteria 1-9, Criteria Description, Point of Focus

Ax.xx.xx

Availability Criteria, Criteria Description, Description, Point of Focus

Cx.xx.xx

Confidentiality Criteria, Criteria Description, Point of Focus

PIx.xx.xx

Processing Integrity Criteria, Criteria Description, Point of Focus

Px.xx.xx

Privacy Criteria, Criteria Description, Point of Focus