This objective, and the other similar ‘include‘ objectives, simply state what has to be in your Product Working Practices. You may want to include more, but you cannot be missing any of these and still deliver a secure Product.
- Group or Individual
- Product Team
- Artefact
- Product Working Practices
- Concepts
- Monitoring For Normal And Abnormal Operation
- Document
- Monitoring For Normal And Abnormal Operation
- Risk Type
- Viability
- Event
- The Impact of a Security Incident is increased
- Caused By
- Product Teams being ineffective in the detection of security incidents
- Leading To
- Loss of customers, financial fraud losses, increased TCO, substantial fines/sanctions from an external regulatory body
-
O-IM-A-1-1
Operations > Incident Management > Incident Detection
- Do you analyze log data for security incidents periodically?