MON-02.1: Correlate Monitoring Information

MON-02.1 · Correlate Monitoring Information

Control Description

Automated mechanisms exist to correlate both technical and non-technical information from across the enterprise by a Security Incident Event Manager (SIEM) or similar automated tool, to enhance organization-wide situational awareness.

Control Question

Assessment question for control validation

Does the organization use automated mechanisms to correlate both technical and non-technical information from across the enterprise by a Security Incident Event Manager (SIEM) or similar automated tool, to enhance organization-wide situational awareness?

Control Weighting

Validation Cadence

Quarterly

NIST CSF Function

Detect

Supply Chain Risk Management (SCRM) Tiers

Applicable SCRM tier levels for this control

Tier 2 - Operational

Tier 3 - Tactical

Core Control Designations

Special designations and baseline inclusions

MAD: MON-02.1

ESP Level 1: MON-02.1

ESP Level 2: MON-02.1

ESP Level 3: MON-02.1