IR-5 (1) Incident Monitoring | Automated Tracking / Data Collection / Analysis
The organization employs automated mechanisms to assist in the tracking of security incidents and in the collection and analysis of incident information.
Applicable CNSSI 1253 Baselines
Confidentiality
- L
- M
- H
Integrity
- L
- M
- H
Availability
- L
- M
- H
Supplemental Guidance
Automated mechanisms for tracking security incidents and collecting/analyzing incident information include, for example, the Einstein network monitoring device and monitoring online Computer Incident Response Centers (CIRCs) or other electronic databases of incidents.