1.6 KiB
| implementation-status | control-origination | |||||
|---|---|---|---|---|---|---|
|
|
si-4.5 - [catalog] System-generated Alerts
Control Statement
Alert personnel or roles when the following system-generated indications of compromise or potential compromise occur: compromise indicators.
Control guidance
Alerts may be generated from a variety of sources, including audit records or inputs from malicious code protection mechanisms, intrusion detection or prevention mechanisms, or boundary protection devices such as firewalls, gateways, and routers. Alerts can be automated and may be transmitted telephonically, by electronic mail messages, or by text messaging. Organizational personnel on the alert notification list can include system administrators, mission or business owners, system owners, information owners/stewards, senior agency information security officers, senior agency officials for privacy, system security officers, or privacy officers. In contrast to alerts generated by the system, alerts generated by organizations in SI-4(12) focus on information sources external to the system, such as suspicious activity reports and reports on potential insider threats.
Control assessment-objective
personnel or roles are alerted when system-generated compromise indicators occur.
What is the solution and how is it implemented?
Add control implementation description here for control si-4.5