DCH-05.11 ยท Audit Changes

Control Description

Mechanisms exist to audit changes to cybersecurity and data protection attributes and responds to events in accordance with incident response procedures.

Control Question
Assessment question for control validation

Does the organization audit changes to cybersecurity and data protection attributes and responds to events in accordance with incident response procedures?

Control Weighting
7
Validation Cadence
Semi-Annual
NIST CSF Function
Detect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Additional Metadata
Applicability (Process):
x
Errata & Additional Notes

- wordsmithed control