DS10.2:: Difference between revisions
No edit summary |
No edit summary |
||
Line 5: | Line 5: | ||
The problem management system should provide for adequate audit trail facilities that allow tracking, analyzing and determining the root cause of all reported problems considering: | The problem management system should provide for adequate audit trail facilities that allow tracking, analyzing and determining the root cause of all reported problems considering: | ||
<br> | <br> | ||
* All associated configuration items<br> | |||
* Outstanding problems and incidents <br> | |||
* Known and suspected errors <br> | |||
<br> | <br> | ||
Identify and initiate sustainable solutions addressing the root cause, raising change requests via the established change management process. Throughout the resolution process, problem management should obtain regular reports from change management on progress in resolving problems and errors. Problem management should monitor the continuing impact of problems and known errors on user services. In the event that this impact becomes severe, problem management should escalate the problem, perhaps referring it to an appropriate board to increase the priority of the request for change (RFC) or to implement an urgent change as appropriate. The progress of problem resolution should be monitored against SLA. | Identify and initiate sustainable solutions addressing the root cause, raising change requests via the established change management process. Throughout the resolution process, problem management should obtain regular reports from change management on progress in resolving problems and errors. Problem management should monitor the continuing impact of problems and known errors on user services. In the event that this impact becomes severe, problem management should escalate the problem, perhaps referring it to an appropriate board to increase the priority of the request for change (RFC) or to implement an urgent change as appropriate. The progress of problem resolution should be monitored against SLA.<br> | ||
<br><br>'''Applicability:'''<br> | |||
<br>'''Applicability:'''<br> | |||
<br> | <br> | ||
:: '''Sarbanes-Oxley''' | :: '''Sarbanes-Oxley''' | ||
Line 27: | Line 28: | ||
:::a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with information security procedures. | :::a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with information security procedures. | ||
<br> | <br> | ||
* PCI.10.6: Review logs for all system components at least daily. Log reviews should include those servers that perform security functions like IDS and authentication (AAA) servers (e.g RADIUS).<br> | |||
<br> | |||
'''Implementation Guide:'''<br> | '''Implementation Guide:'''<br> | ||
<br> | <br> | ||
Line 59: | Line 62: | ||
ITIL Problem Management<br> | ITIL Problem Management<br> | ||
ITIL 6.7.5 Problem/error resolution monitoring<br> | ITIL 6.7.5 Problem/error resolution monitoring<br> | ||
ISO 6.3 Responding to security incidents and malfunctions<br> | ISO 6.3 Responding to security incidents and malfunctions<br> | ||
ISO 7.2 Equipment security<br> | ISO 7.2 Equipment security<br> | ||
ISO 8.1 Operational procedures and responsibilities | ISO 8.1 Operational procedures and responsibilities |
Latest revision as of 17:52, 5 May 2006
DS 10.2 Problem Tracking and Resolution
Control Objective:
The problem management system should provide for adequate audit trail facilities that allow tracking, analyzing and determining the root cause of all reported problems considering:
- All associated configuration items
- Outstanding problems and incidents
- Known and suspected errors
Identify and initiate sustainable solutions addressing the root cause, raising change requests via the established change management process. Throughout the resolution process, problem management should obtain regular reports from change management on progress in resolving problems and errors. Problem management should monitor the continuing impact of problems and known errors on user services. In the event that this impact becomes severe, problem management should escalate the problem, perhaps referring it to an appropriate board to increase the priority of the request for change (RFC) or to implement an urgent change as appropriate. The progress of problem resolution should be monitored against SLA.
Applicability:
- Sarbanes-Oxley
- HIPAA
- GLBA
- PCI
- FISMA
- NIST SP 800-66
- Ditscap
- Control Exception
- User Defined
Risk Association Control Activities:
- 1. Risk: Security incidents and incompliance with information security procedures may go overlooked and not addressed.
- a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with information security procedures.
- 1. Risk: Security incidents and incompliance with information security procedures may go overlooked and not addressed.
- PCI.10.6: Review logs for all system components at least daily. Log reviews should include those servers that perform security functions like IDS and authentication (AAA) servers (e.g RADIUS).
Implementation Guide:
Process Narrative
Insert a description of the process narration that is applicable to the existing control statement this narrative refers to.
Process Illustration
Insert a process diagram, flowchart or other visual representation here to illustrate the process narrative.
File:Someimage.jpg
Control Commentary
Insert a description of the control that is applicable to the existing control statement this commentary refers to.
Control Exception Commentary
Insert a description of the control exception that is applicable to the existing control statement this commentary refers to.
Evidence Archive Location
Insert Evidence Description Here.
Control Status and Auditors Commentary
Describe the condition of the applicable control and its effectiveness. Set the color icon to a redlock.jpg, yellowlock.jpg or greenlock.jpg.
File:Redlock.jpg
Remediation Plan
Insert remediation plan, applicability, or any information that indicates what needs to be done.
Supplemental Information:
ITIL Service Support
ITIL Problem Management
ITIL 6.7.5 Problem/error resolution monitoring
ISO 6.3 Responding to security incidents and malfunctions
ISO 7.2 Equipment security
ISO 8.1 Operational procedures and responsibilities