IR-05 Incident Monitoring

Control: The organization tracks and documents information system security incidents on an ongoing basis.

Supplemental Guidance: None.

Control Enhancements: (1) The organization employs automated mechanisms to assist in the tracking of security incidents and in the collection and analysis of incident information.

Baseline: LOW Not Selected MOD IR-5 HIGH IR-5 (1)

Family: Incident Response

Class: Operational

ISO 17799 mapping: None.

COBIT 4.1 mapping: DS8.2, DS8.4

PCI-DSS v2 mapping: 12.9.5