DS10.2:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 17:46, 5 May 2006 by Tdspain (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

DS 10.2 Problem Tracking and Resolution

Control Objective:

The problem management system should provide for adequate audit trail facilities that allow tracking, analyzing and determining the root cause of all reported problems considering:

1. • All associated configuration items
2. • Outstanding problems and incidents
3. • Known and suspected errors


Identify and initiate sustainable solutions addressing the root cause, raising change requests via the established change management process. Throughout the resolution process, problem management should obtain regular reports from change management on progress in resolving problems and errors. Problem management should monitor the continuing impact of problems and known errors on user services. In the event that this impact becomes severe, problem management should escalate the problem, perhaps referring it to an appropriate board to increase the priority of the request for change (RFC) or to implement an urgent change as appropriate. The progress of problem resolution should be monitored against SLA.

Applicability:

Sarbanes-Oxley
HIPAA
GLBA
PCI
FISMA
NIST SP 800-66
Ditscap
Control Exception
User Defined


Risk Association Control Activities:

1. Risk: Security incidents and incompliance with information security procedures may go overlooked and not addressed.
a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with information security procedures.


2. PCI.10.6: Review logs for all system components at least daily. Log reviews should include those servers that perform security functions like IDS and authentication (AAA) servers (e.g RADIUS).

Implementation Guide:

Process Narrative
Insert a description of the process narration that is applicable to the existing control statement this narrative refers to.

Process Illustration
Insert a process diagram, flowchart or other visual representation here to illustrate the process narrative.

File:Someimage.jpg

Control Commentary
Insert a description of the control that is applicable to the existing control statement this commentary refers to.

Control Exception Commentary
Insert a description of the control exception that is applicable to the existing control statement this commentary refers to.

Evidence Archive Location
Insert Evidence Description Here.

Control Status and Auditors Commentary
Describe the condition of the applicable control and its effectiveness. Set the color icon to a redlock.jpg, yellowlock.jpg or greenlock.jpg.

File:Redlock.jpg

Remediation Plan
Insert remediation plan, applicability, or any information that indicates what needs to be done.

Supplemental Information:
ITIL Service Support
ITIL Problem Management
ITIL 6.7.5 Problem/error resolution monitoring

ISO 6.3 Responding to security incidents and malfunctions
ISO 7.2 Equipment security
ISO 8.1 Operational procedures and responsibilities