MON-01.2: Automated Tools for Real-Time Analysis

MON-01.2 · Automated Tools for Real-Time Analysis

Control Description

Mechanisms exist to utilize a Security Incident Event Manager (SIEM), or similar automated tool, to support near real-time analysis and incident escalation.

Control Question

Assessment question for control validation

Does the organization utilize a Security Incident Event Manager (SIEM), or similar automated tool, to support near real-time analysis and incident escalation?

Control Weighting

Validation Cadence

Annual

NIST CSF Function

Detect

Supply Chain Risk Management (SCRM) Tiers

Applicable SCRM tier levels for this control

Tier 3 - Tactical

Core Control Designations

Special designations and baseline inclusions

MAD: MON-01.2

ESP Level 2: MON-01.2

ESP Level 3: MON-01.2