Establish, implement, and maintain a security operations center.
CONTROL ID 14762
CONTROL TYPE Human Resources Management
CLASSIFICATION Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Establish, implement, and maintain high level operational roles and responsibilities., CC ID: 00806
This Control has the following implementation support Control(s):
Define the scope for the security operations center., CC ID: 15713
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
To facilitate continuous monitoring and analysis of cyber events; as well as prompt detection and response to cyber incidents, the FI should establish a security operations centre or acquire managed security services. The processes, roles and responsibilities for security operations should be define… (§ 12.2.1, Technology Risk Management Guidelines, January 2021)
With respect to operating centers, describe the entity's operating center type and key responsibilities and determine whether functions such as security and network management are addressed. Evaluate the appropriateness of the entity's processes and controls, such as the following: (App A Objective 14:1, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)
Effective controls over the entity's operating centers, including physical and logical controls. (VI.A Action Summary ¶ 2 Bullet 1, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)
Establish and maintain a security operations center capability that operates [Assignment: organization-defined time period]. (3.6.1e, Enhanced Security Requirements for Protecting Controlled Unclassified Information, NIST SP 800-172)
Establish and maintain a security operations center. (IR-4(14) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
Establish and maintain a security operations center. (IR-4(14) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)