ISO/IEC 27000 Monitoring Activities, v2022
Specifies requirements in accordance with the security and privacy controls specified by ISO/IEC Publication 27001:2022, related to monitoring activities.
Assessment Step
|
1
Monitoring Activities (MonitoringActivities)
Are networks, systems, and applications monitored for anomalous behaviour, and are appropriate actions taken to evaluate potential information security incidents?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) and supporting notes as appropriate to support the assessor's response to this assessment step.
|
Conformance Criteria (1)
|
Monitoring Activities
Networks, systems and applications shall be monitored for anomalous behaviour and appropriate actions taken to evaluate potential information security incidents.
Citations
27001
Annex A, Control 8.16
27002
Section 8.16
|