SOX – Requirements
Control Description | Support | AIE Rules/Alerts | Investigations | Reports |
|---|---|---|---|---|
APO01.03: IT-related policies | Augment | SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: FIM Critical/Error/Information Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv SOX: FIM Activity Inv | SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: Data Loss Prevention Summary SOX: FIM Activity Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: Data Loss Prevention Detail SOX: FIM Activity Detail |
APO01.06: Define information (data) and system ownership. | Augment | SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: FIM Critical/Error/Information Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv SOX: FIM Activity Inv | SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: Data Loss Prevention Summary SOX: FIM Activity Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: Data Loss Prevention Detail SOX: FIM Activity Detail |
APO02.02: Assess the current environment, capabilities and performance. | Augment | N/A | N/A | N/A |
APO02.06: Communications package | Augment | N/A | N/A | N/A |
APO07.05: Plan and track the usage of IT and business human resources. | Augment |
| SOX: Acct Created, Used, Deleted Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv | SOX: Acct Created, Used, Deleted Summary SOX: Account Created Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Usage Auditing Event Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
APO10.03: Manage supplier relationships and contracts. | Augment | N/A | SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv | SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
APO10.04: Manage supplier risk. | Augment | N/A | SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv | SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
APO10.05: Monitor supplier performance and compliance. | Augment | N/A | SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv | SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
BAI03.07: Prepare for solution testing. | Augment | N/A | SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv | SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
BAI03.08: Execute solution testing. | Augment | N/A | SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv | SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
BAI04.01: Assess current availability, performance and capacity to create a baseline. | Augment | N/A | SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv | SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
BAI04.03: Plan for new or changed service requirements. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: FIM Activity Inv SOX: FIM Critical/Error/Information Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: Data Loss Prevention Inv | SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: FIM Activity Summary SOX: FIM Critical/Error/Information Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Data Loss Prevention Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: FIM Activity Detail SOX: FIM Critical/Error/Information Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: Data Loss Prevention Detail |
BAI04.04: Monitor and review availability and capacity. | Augment | N/A | SOX: Time Sync Error Inv SOX: LogRhythm Silent Log Source Error Inv | SOX: Time Sync Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Time Sync Error Detail SOX: LogRhythm Silent Log Source Error Detail |
BAI04.05: Investigate and address availability, performance and capacity issues. | Augment | N/A | SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv | SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Time Sync Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: Time Sync Error Detail |
BAI06.01: Evaluate, prioritize, and authorize change requests. | Augment | N/A | SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv | SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary |
|
|
|
| SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail |
BAI06.02: Manage emergency changes. | Augment | N/A | SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv | SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary |
|
|
|
| SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail |
BAI07.04: Establish a test environment. | Augment | N/A | SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv | SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
BAI07.05: Perform acceptance tests. | Augment | N/A | SOX: TST Environment Error Inv SOX: TST Authentication Success Inv SOX: TST Authentication Failure Inv SOX: TST Access Success Inv SOX: TST Access Failure Inv SOX: TST Priv Acct Authentication Inv | SOX: TST Environment Error Summary SOX: TST Authentication Success Summary SOX: TST Authentication Failure Summary SOX: TST Access Success Summary SOX: TST Access Failure Summary SOX: TST Priv Acct Authentication Summary SOX: TST Environment Error Detail SOX: TST Authentication Success Detail SOX: TST Authentication Failure Detail SOX: TST Access Success Detail SOX: TST Access Failure Detail SOX: TST Priv Acct Authentication Detail |
BAI07.06: Promote to production and manage releases. | Augment | N/A | SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv | SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
BAI07.07: Provide early production support. | Augment | N/A | SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv | SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary |
|
|
|
| SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
BAI07.08: Perform a post implementation review. | Augment | N/A | SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv | SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail |
BAI10.02: Establish and maintain a configuration repository and baseline. | Augment | N/A | SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: LogRhythm Silent Log Source Error Inv | SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: LogRhythm Silent Log Source Error Detail |
BAI10.03: Maintain and control configuration items. | Augment | N/A | SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: LogRhythm Silent Log Source Error Inv | SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: LogRhythm Silent Log Source Error Detail |
BAI10.04: Produce status and configuration reports. | Augment | N/A | SOX: Config/Policy Change Inv SOX: *NIX Hosts Configuration Change Inv SOX: Windows Hosts Configuration Change Inv SOX: Patch Applied Inv SOX: Patch Failure Inv SOX: Signature Update Inv SOX: Signature Failure Inv SOX: LogRhythm Silent Log Source Error Inv | SOX: Config/Policy Change Summary SOX: *NIX Hosts Configuration Change Summary SOX: Windows Hosts Configuration Change Summary SOX: Patch Applied Summary SOX: Patch Failure Summary SOX: Signature Update Summary SOX: Signature Failure Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Config/Policy Change Detail SOX: Windows Hosts Configuration Change Detail SOX: *NIX Hosts Configuration Change Detail SOX: Patch Applied Detail SOX: Patch Failure Detail SOX: Signature Update Detail SOX: Signature Failure Detail SOX: LogRhythm Silent Log Source Error Detail |
DSS01.01: Perform operational procedures. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv | SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Data Loss Prevention Summary |
|
|
|
| SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Summary SOX: System Startup And Shutdown Detail SOX: Time Sync Error Detail SOX: Data Loss Prevention Detail |
DSS01.02: Manage outsourced IT services. | Augment | N/A | SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv | SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail |
DSS01.03: Monitor IT infrastructure. | Augment | N/A | SOX: Time Sync Error Inv | SOX: Time Sync Error Summary SOX: Time Sync Error Detail |
DSS02.01: Define incident and service request classification schemes. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Account Created Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Usage Auditing Event Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Summary SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: System Startup And Shutdown Detail SOX: Non-Encrypted Protocol Detail SOX: Acct Created, Used, Deleted Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
DSS02.02: Record, classify and prioritize requests and incidents. | Direct | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
DSS02.03: Verify, approve and fulfil requests. | Direct | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
DSS02.04: Investigate, diagnose and allocate incidents. | Direct | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
DSS02.05: Resolve and recover from incidents. | Direct | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
DSS02.06: Close service requests and incidents. | Direct | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail SOX: FIM Activity Detail |
DSS02.07: Track status and produce reports. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
DSS03.01: Identify and classify problems. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
DSS03.02: Investigate and diagnose problems. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
DSS03.03: Raise known errors. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
DSS03.04: Resolve and close problems. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
DSS03.05: Perform proactive problem management. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Critical Environment Error Inv SOX: Production Environment Error Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Backup Failure/Error Inv SOX: Backup Activity Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Time Sync Error Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Critical Environment Error Summary SOX: Production Environment Error Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: System Startup And Shutdown Summary SOX: Time Sync Error Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Critical Environment Error Detail SOX: Production Environment Error Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Backup Failure/Error Detail SOX: Backup Activity Detail SOX: FIM Critical/Error/Information Detail SOX: System Startup And Shutdown Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Time Sync Error Detail |
DSS04.07: Manage backup arrangements. | Augment | N/A | SOX: Backup Failure/Error Inv SOX: Backup Activity Inv | SOX: Backup Failure/Error Summary SOX: Backup Activity Summary SOX: Backup Failure/Error Detail SOX: Backup Activity Detail |
DSS05.01: Protect against malware. Appropriate controls, including firewalls, intrusion detection and vulnerability assessments, exist and are used to prevent unauthorized access via public networks. | Direct | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Acct Created, Used, Deleted Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: LogRhythm Silent Log Source Error Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Non-Encrypted Protocol Summary SOX: Acct Created, Used, Deleted Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: Usage Auditing Event Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Non-Encrypted Protocol Detail SOX: Usage Auditing Event Detail SOX: Acct Created, Used, Deleted Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail |
DSS05.02: Manage network and connectivity security. Appropriate controls, including firewalls, intrusion detection and vulnerability assessments, exist and are used to prevent unauthorized access via public networks. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Acct Created, Used, Deleted Inv SOX: Non-Encrypted Protocol Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Data Loss Prevention Inv SOX: LogRhythm Silent Log Source Error Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Acct Created, Used, Deleted Summary SOX: Non-Encrypted Protocol Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail |
DSS05.03: Manage endpoint security. Appropriate controls, including firewalls, intrusion detection and vulnerability assessments, exist and are used to prevent unauthorized access via public networks. | Augment | SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Acct Created, Used, Deleted Inv SOX: Non-Encrypted Protocol Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Data Loss Prevention Inv SOX: LogRhythm Silent Log Source Error Inv | SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Acct Created, Used, Deleted Summary SOX: Non-Encrypted Protocol Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: Acct Created, Used, Deleted Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail |
DSS05.04: Manage user identity and logical access. Procedures exist and are followed to maintain the effectiveness of authentication and access mechanisms. (e.g., regular password changes). | Augment | N/A | SOX: Acct Created, Used, Deleted Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv | SOX: Acct Created, Used, Deleted Summary SOX: Account Created Summary SOX: Top Suspicious Users Summary SOX: Top Suspicious Login Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Usage Auditing Event Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
DSS05.05: | Direct | SOX: Physical Access Rule | SOX: Physical Access Inv | SOX: Physical Access Summary SOX: Physical Access Detail |
DSS05.06: Manage sensitive documents and output devices. | Augment | SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv | SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Data Loss Prevention Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: Data Loss Prevention Detail |
DSS05.07: Monitor the infrastructure for security- related events. | Augment | N/A | SOX: Malware Detected Inv SOX: Vulnerability Detected Inv SOX: Attack Detected Inv SOX: Rogue Access Point Inv SOX: Data Loss Prevention Inv SOX: Non-Encrypted Protocol Inv SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: LogRhythm Silent Log Source Error Inv SOX: Acct Created, Used, Deleted Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv | SOX: Acct Created, Used, Deleted Summary SOX: Non-Encrypted Protocol Summary SOX: Malware Detected Summary SOX: Vulnerability Detected Summary SOX: Attack Detected Summary SOX: Rogue Access Point Summary SOX: Data Loss Prevention Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Account Created Summary SOX: Top Applications Experiencing Errors Summary SOX: Top Hosts Experiencing Errors Summary SOX: Top Suspicious Users Summary SOX: Top Attacker Summary SOX: Top Suspicious Login Summary SOX: Top Targeted Application Summary SOX: Top Targeted Host Summary SOX: LogRhythm Silent Log Source Error Summary SOX: Log Volume by Log Source Summary SOX: Log Volume by Entity Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Malware Detected Detail SOX: Vulnerability Detected Detail SOX: Usage Auditing Event Detail SOX: Attack Detected Detail SOX: Rogue Access Point Detail SOX: Data Loss Prevention Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: LogRhythm Silent Log Source Error Detail SOX: Non-Encrypted Protocol Detail SOX: Account Created Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
DSS06.03: Manage roles, responsibilities, access privileges and levels of authority. Procedures exist and are followed to maintain the effectiveness of authentication and access mechanisms. (e.g., regular password changes). | Augment | N/A | SOX: Acct Created, Used, Deleted Inv SOX: Password Modified Inv SOX: Account Created Inv SOX: Priv Acct Auth Failure Inv SOX: Priv Acct Auth Success Inv SOX: Priv Acct UAM Inv SOX: Priv Acct Access Success Inv SOX: Priv Acct Access Failure Inv SOX: Priv Acct Disabled/Enabled Inv SOX: Vendor Acct Authentication Failure Inv SOX: Vendor Acct Authentication Success Inv SOX: Vendor Acct Access Failure Inv SOX: Vendor Acct Access Success Inv SOX: Vendor Acct Disabled/Enabled Inv SOX: Vendor Acct UAM Inv SOX: Default Acct Authentication Failure Inv SOX: Default Acct Authentication Success Inv SOX: Default Acct Access Failure Inv SOX: Default Acct Access Success Inv SOX: Default Acct Disabled/Enabled Inv SOX: Default Acct UAM Inv SOX: Shared Acct Authentication Failure Inv SOX: Shared Acct Authentication Success Inv SOX: Shared Acct Access Failure Inv SOX: Shared Acct Access Success Inv SOX: Shared Acct Disabled/Enabled Inv SOX: Shared Acct UAM Inv SOX: BU Acct Authentication Failure Inv SOX: BU Acct Authentication Success Inv SOX: BU Acct Access Failure Inv SOX: BU Acct Access Success Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct Disabled/Enabled Inv SOX: BU Acct UAM Inv SOX: IT Acct Authentication Failure Inv SOX: IT Acct Authentication Success Inv SOX: IT Acct Access Failure Inv SOX: IT Acct Access Success Inv SOX: IT Acct Disabled/Enabled Inv SOX: IT Acct UAM Inv SOX: Terminated User Access Activity Inv SOX: Terminated User Authentication Activity Inv SOX: HR Payroll Acct Auth Failure Inv SOX: HR Payroll Acct Auth Success Inv SOX: HR Payroll Acct Accs Failure Inv SOX: HR Payroll Acct Accs Success Inv SOX: HR Payroll Acct Disable/Enable Inv SOX: HR Payroll Acct UAM Inv | SOX: Acct Created, Used, Deleted Summary SOX: Password Modified Summary SOX: Account Created Summary SOX: Top Suspicious Users Summary SOX: Top Suspicious Login Summary SOX: Usage Auditing Activity Summary SOX: Priv Acct Auth Failure Summary SOX: Priv Acct Auth Success Summary SOX: Priv Acct UAM Summary SOX: Priv Acct Access Success Summary SOX: Priv Acct Access Failure Summary SOX: Priv Acct Disabled/Enabled Summary SOX: Vendor Acct Authentication Failure Summary SOX: Vendor Acct Authentication Success Summary SOX: Vendor Acct Access Failure Summary SOX: Vendor Acct Access Success Summary SOX: Vendor Acct Disabled/Enabled Summary SOX: Vendor Acct UAM Summary SOX: Default Acct Authentication Failure Summary SOX: Default Acct Authentication Success Summary SOX: Default Acct Access Failure Summary SOX: Default Acct Access Success Summary SOX: Default Acct Disabled/Enabled Summary SOX: Default Acct UAM Summary SOX: Shared Acct Authentication Failure Summary SOX: Shared Acct Authentication Success Summary SOX: Shared Acct Access Failure Summary SOX: Shared Acct Access Success Summary SOX: Shared Acct Disabled/Enabled Summary SOX: Shared Acct UAM Summary SOX: BU Acct Authentication Failure Summary SOX: BU Acct Authentication Success Summary SOX: BU Acct Access Failure Summary SOX: BU Acct Access Success Summary SOX: BU Acct Disabled/Enabled Summary SOX: BU Acct UAM Summary SOX: IT Acct Authentication Failure Summary SOX: IT Acct Authentication Success Summary SOX: IT Acct Access Failure Summary SOX: IT Acct Access Success Summary SOX: IT Acct Disabled/Enabled Summary SOX: IT Acct UAM Summary SOX: Terminated User Access Activity Summary SOX: Terminated User Auth Activity Summary SOX: HR Payroll Acct Auth Failure Summary SOX: HR Payroll Acct Auth Success Summary SOX: HR Payroll Acct Accs Failure Summary SOX: HR Payroll Acct Accs Success Summary SOX: HR Payroll Acct Disable/Enable Summary SOX: HR Payroll Acct UAM Summary SOX: Acct Created, Used, Deleted Detail SOX: Password Modified Detail SOX: Account Created Detail SOX: Usage Auditing Event Detail SOX: Priv Acct Auth Failure Detail SOX: Priv Acct Auth Success Detail SOX: Priv Acct UAM Detail SOX: Priv Acct Access Success Detail SOX: Priv Acct Access Failure Detail SOX: Priv Acct Disabled/Enabled Detail SOX: Vendor Acct Authentication Failure Detail SOX: Vendor Acct Authentication Success Detail SOX: Vendor Acct Access Failure Detail SOX: Vendor Acct Access Success Detail SOX: Vendor Acct Disabled/Enabled Detail SOX: Vendor Acct UAM Detail SOX: Default Acct Authentication Failure Detail SOX: Default Acct Authentication Success Detail SOX: Default Acct Access Failure Detail SOX: Default Acct Access Success Detail SOX: Default Acct Disabled/Enabled Detail SOX: Default Acct UAM Detail SOX: Shared Acct Authentication Failure Detail SOX: Shared Acct Authentication Success Detail SOX: Shared Acct Access Failure Detail SOX: Shared Acct Access Success Detail SOX: Shared Acct Disabled/Enabled Detail SOX: Shared Acct UAM Detail SOX: BU Acct Authentication Failure Detail SOX: BU Acct Authentication Success Detail SOX: BU Acct Access Failure Detail SOX: BU Acct Access Success Detail SOX: BU Acct Disabled/Enabled Detail SOX: BU Acct UAM Detail SOX: IT Acct Authentication Failure Detail SOX: IT Acct Authentication Success Detail SOX: IT Acct Access Failure Detail SOX: IT Acct Access Success Detail SOX: IT Acct Disabled/Enabled Detail SOX: IT Acct UAM Detail SOX: Terminated User Access Activity Detail SOX: Terminated User Auth Activity Detail SOX: HR Payroll Acct Auth Failure Detail SOX: HR Payroll Acct Auth Success Detail SOX: HR Payroll Acct Accs Failure Detail SOX: HR Payroll Acct Accs Success Detail SOX: HR Payroll Acct Disable/Enable Detail SOX: HR Payroll Acct UAM Detail |
DSS06.05: Ensure traceability of information events and accountabilities. | Augment | N/A | N/A | N/A |
DSS06.06: Secure information assets. | Augment | SOX: Physical Access Rule SOX: Data Loss Prevention Rule SOX: Data Exfiltration Rule SOX: Data Destruction Rule | SOX: FIM Critical/Error/Information Inv SOX: FIM Activity Inv SOX: Non-Encrypted Protocol Inv SOX: Physical Access Inv SOX: Data Loss Prevention Inv | SOX: Physical Access Summary SOX: Non-Encrypted Protocol Summary SOX: FIM Critical/Error/Information Summary SOX: FIM Activity Summary SOX: Data Loss Prevention Summary SOX: Physical Access Detail SOX: Non-Encrypted Protocol Detail SOX: FIM Critical/Error/Information Detail SOX: FIM Activity Detail SOX: Data Loss Prevention Detail |
| MEA01.04: Analyze and report performance. | Augment | General LogRhythm Approach | General LogRhythm Approach | General LogRhythm Approach |