|
Control Description |
Support |
AIE Rules/Alerts |
Investigations |
Reports |
|---|---|---|---|---|
|
APO01.03: IT-related policies |
Augment |
SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: FIM Critical/Error/Information Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv SOX: FIM Activity Inv |
SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: Data Loss Prevention Summary SOX: FIM Activity Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: Data Loss Prevention Detail SOX: FIM Activity Detail |
|
APO01.06: Define information (data) and system ownership. |
Augment |
SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: FIM Critical/Error/Information Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv SOX: FIM Activity Inv |
SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: Data Loss Prevention Summary SOX: FIM Activity Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: Data Loss Prevention Detail SOX: FIM Activity Detail |
|
APO02.02: Assess the current environment, capabilities and performance. |
Augment |
N/A |
N/A |
N/A |
|
APO02.06: Communications package |
Augment |
N/A |
N/A |
N/A |
|
APO07.05: Plan and track the usage of IT and business human resources. |
Augment |
|
SOX: Acct Created, Used, Deleted Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv |
SOX: Acct Created, Used, Deleted Summary SOX: Account Created Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Usage Auditing Event Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
|
APO10.03: Manage supplier relationships and contracts. |
Augment |
N/A |
SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv |
SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
|
APO10.04: Manage supplier risk. |
Augment |
N/A |
SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv |
SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
|
APO10.05: Monitor supplier performance and compliance. |
Augment |
N/A |
SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv |
SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
|
BAI03.07: Prepare for solution testing. |
Augment |
N/A |
SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv |
SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
|
BAI03.08: Execute solution testing. |
Augment |
N/A |
SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv |
SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
|
BAI04.01: Assess current availability, performance and capacity to create a baseline. |
Augment |
N/A |
SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv |
SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
|
BAI04.03: Plan for new or changed service requirements. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: FIM Activity Inv SOX: FIM Critical/Error/Information Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: Data Loss Prevention Inv |
SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: FIM Activity Summary SOX: FIM Critical/Error/Information Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Data Loss Prevention Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: FIM Activity Detail SOX: FIM Critical/Error/Information Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: Data Loss Prevention Detail |
|
BAI04.04: Monitor and review availability and capacity. |
Augment |
N/A |
SOX: Time Sync Error Inv SOX: LogRhythm Silent Log Source Error Inv |
SOX: Time Sync Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Time Sync Error Detail SOX: LogRhythm Silent Log Source Error Detail |
|
BAI04.05: Investigate and address availability, performance and capacity issues. |
Augment |
N/A |
SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv |
SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Time Sync Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: Time Sync Error Detail |
|
BAI06.01: Evaluate, prioritize, and authorize change requests. |
Augment |
N/A |
SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv |
SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary |
|
|
|
|
|
SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail |
|
BAI06.02: Manage emergency changes. |
Augment |
N/A |
SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv |
SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary |
|
|
|
|
|
SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail |
|
BAI07.04: Establish a test environment. |
Augment |
N/A |
SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv |
SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
|
BAI07.05: Perform acceptance tests. |
Augment |
N/A |
SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv |
SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
|
BAI07.06: Promote to production and manage releases. |
Augment |
N/A |
SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv |
SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
|
BAI07.07: Provide early production support. |
Augment |
N/A |
SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv |
SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary |
|
|
|
|
|
SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
|
BAI07.08: Perform a post implementation review. |
Augment |
N/A |
SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv |
SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
|
BAI10.02: Establish and maintain a configuration repository and baseline. |
Augment |
N/A |
SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: LogRhythm Silent Log Source Error Inv |
SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: LogRhythm Silent Log Source Error Detail |
|
BAI10.03: Maintain and control configuration items. |
Augment |
N/A |
SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: LogRhythm Silent Log Source Error Inv |
SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: LogRhythm Silent Log Source Error Detail |
|
BAI10.04: Produce status and configuration reports. |
Augment |
N/A |
SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: LogRhythm Silent Log Source Error Inv |
SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: LogRhythm Silent Log Source Error Detail |
|
DSS01.01: Perform operational procedures. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv |
SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Data Loss Prevention Summary |
|
|
|
|
|
SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Summary SOX: System Startup And Shutdown Detail SOX: Time Sync Error Detail SOX: Data Loss Prevention Detail |
|
DSS01.02: Manage outsourced IT services. |
Augment |
N/A |
SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv |
SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
|
DSS01.03: Monitor IT infrastructure. |
Augment |
N/A |
SOX: Time Sync Error Inv |
SOX: Time Sync Error Summary SOX: Time Sync Error Detail |
|
DSS02.01: Define incident and service request classification schemes. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Account Created Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Usage Auditing Event Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: System Startup And Shutdown Detail SOX: Non-Encrypted Protocol Detail SOX: Acct Created, Used, Deleted Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
|
DSS02.02: Record, classify and prioritize requests and incidents. |
Direct |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
|
DSS02.03: Verify, approve and fulfil requests. |
Direct |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
|
DSS02.04: Investigate, diagnose and allocate incidents. |
Direct |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
|
DSS02.05: Resolve and recover from incidents. |
Direct |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
|
DSS02.06: Close service requests and incidents. |
Direct |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
|
DSS02.07: Track status and produce reports. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
|
DSS03.01: Identify and classify problems. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
|
DSS03.02: Investigate and diagnose problems. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
|
DSS03.03: Raise known errors. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
|
DSS03.04: Resolve and close problems. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
|
DSS03.05: Perform proactive problem management. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
|
DSS04.07: Manage backup arrangements. |
Augment |
N/A |
SOX: Backup Failure/Error Inv SOX: Backup Activity Inv |
SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: Backup Failure/Error Detail SOX: Backup Activity Detail |
|
DSS05.01: Protect against malware. Appropriate controls, including firewalls, intrusion detection and vulnerability assessments, exist and are used to prevent unauthorized access via public networks. |
Direct |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Acct Created, Used, Deleted Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: LogRhythm Silent Log Source Error Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Usage Auditing Event Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Usage Auditing Event Detail SOX: Acct Created, Used, Deleted Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail |
|
DSS05.02: Manage network and connectivity security. Appropriate controls, including firewalls, intrusion detection and vulnerability assessments, exist and are used to prevent unauthorized access via public networks. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Acct Created, Used, Deleted Inv SOX: Non-Encrypted Protocol Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Data Loss Prevention Inv SOX: LogRhythm Silent Log Source Error Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Acct Created, Used, Deleted Summary SOX: Non-Encrypted Protocol Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail |
|
DSS05.03: Manage endpoint security. Appropriate controls, including firewalls, intrusion detection and vulnerability assessments, exist and are used to prevent unauthorized access via public networks. |
Augment |
SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Acct Created, Used, Deleted Inv SOX: Non-Encrypted Protocol Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Data Loss Prevention Inv SOX: LogRhythm Silent Log Source Error Inv |
SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Acct Created, Used, Deleted Summary SOX: Non-Encrypted Protocol Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail |
|
DSS05.04: Manage user identity and logical access. Procedures exist and are followed to maintain the effectiveness of authentication and access mechanisms. (e.g., regular password changes). |
Augment |
N/A |
SOX: Acct Created, Used, Deleted Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv |
SOX: Acct Created, Used, Deleted Summary SOX: Account Created Summary SOX: Top Suspicious Users Summary SOX: Top Suspicious Login Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Usage Auditing Event Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
|
DSS05.05: |
Direct |
SOX: Physical Access Rule |
SOX: Physical Access Inv |
SOX: Physical Access Summary SOX: Physical Access Detail |
|
DSS05.06: Manage sensitive documents and output devices. |
Augment |
SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv |
SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Data Loss Prevention Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: Data Loss Prevention Detail |
|
DSS05.07: Monitor the infrastructure for security- related events. |
Augment |
N/A |
SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv |
SOX: Acct Created, Used, Deleted Summary SOX: Non-Encrypted Protocol Summary SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Account Created Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Usage Auditing Event Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Non-Encrypted Protocol Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
|
DSS06.03: Manage roles, responsibilities, access privileges and levels of authority. Procedures exist and are followed to maintain the effectiveness of authentication and access mechanisms. (e.g., regular password changes). |
Augment |
N/A |
SOX: Acct Created, Used, Deleted Inv SOX: Password Modified Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv |
SOX: Acct Created, Used, Deleted Summary SOX: Password Modified Summary SOX: Account Created Summary SOX: Top Suspicious Users Summary SOX: Top Suspicious Login Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Password Modified Detail SOX: Account Created Detail SOX: Usage Auditing Event Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
|
DSS06.05: Ensure traceability of information events and accountabilities. |
Augment |
N/A |
N/A |
N/A |
|
DSS06.06: Secure information assets. |
Augment |
SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule |
SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv |
SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Data Loss Prevention Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: Data Loss Prevention Detail |
|
MEA01.04: Analyze and report performance. |
Augment |
General LogRhythm Approach |
General LogRhythm Approach |
General LogRhythm Approach |