2.0
Level 2 Description: Organizations have flexibility in the types of audit logs employed. Audit logs can be procedural (e.g., a written log of individua...
Mon, 24 Jul, 2023 at 8:44 AM
Level 1 Description: Physical access devices include keys, locks, combinations, and card readers. Priority: High Domain: PHYSICAL PROTECTION (PE...
Mon, 24 Jul, 2023 at 8:55 AM
Level 2 Description: Monitoring of physical access includes publicly accessible areas within organizational facilities. This can be accomplished, for ...
Mon, 24 Jul, 2023 at 9:05 AM
Level 2 Description: Alternate work sites may include government facilities or the private residences of employees. Organizations may define different ...
Mon, 24 Jul, 2023 at 9:14 AM
Level 2 Description: Clearly defined system boundaries are a prerequisite for effective risk assessments. Such risk assessments consider threats, vulne...
Mon, 24 Jul, 2023 at 9:23 AM
Level 1 Description: Organizations determine the required vulnerability scanning for all system components, ensuring that potential sources of vulnerab...
Tue, 25 Jul, 2023 at 4:37 AM
Level 2 Description: Vulnerabilities discovered, for example, via the scanning conducted in response to 3..2, are remediated with consideration of the ...
Tue, 25 Jul, 2023 at 5:43 AM
Level 2 Description: Organizations assess security controls in organizational systems and the environments in which those systems operate as part of the...
Tue, 25 Jul, 2023 at 5:59 AM
Level 2 Description: The plan of action is a key document in the information security program. Organizations develop plans of action that describe how a...
Tue, 25 Jul, 2023 at 6:24 AM
Level 2 Description: Continuous monitoring programs facilitate ongoing awareness of threats, vulnerabilities, and information security to support organ...
Tue, 25 Jul, 2023 at 6:55 AM