Establish, implement, and maintain a security operations center.


CONTROL ID: 14762
CONTROL TYPE: Human Resources Management
CLASSIFICATION: Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain high level operational roles and responsibilities., CC ID: 00806

This Control has the following implementation support Control(s):
  • Define the scope for the security operations center., CC ID: 15713


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • To facilitate continuous monitoring and analysis of cyber events; as well as prompt detection and response to cyber incidents, the FI should establish a security operations centre or acquire managed security services. The processes, roles and responsibilities for security operations should be define… (§ 12.2.1, Technology Risk Management Guidelines, January 2021)
  • With respect to operating centers, describe the entity's operating center type and key responsibilities and determine whether functions such as security and network management are addressed. Evaluate the appropriateness of the entity's processes and controls, such as the following: (App A Objective 14:1, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)
  • Effective controls over the entity's operating centers, including physical and logical controls. (VI.A Action Summary ¶ 2 Bullet 1, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)
  • Establish and maintain a security operations center capability that operates [Assignment: organization-defined time period]. (3.6.1e, Enhanced Security Requirements for Protecting Controlled Unclassified Information, NIST SP 800-172)
  • Establish and maintain a security operations center. (IR-4(14) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Establish and maintain a security operations center. (IR-4(14) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)