Not regularly reviewing information system activity

Risk: Not regularly reviewing information system activity.

regularly reviewing information

Explanation: Reviewing the activity of your business operations and system activity is a periodic process that you have to do on day to day basis. If you’re not doing that then perhaps you’re overlooking some very crucial threats to your system security.

Mitigation: Establish a system for reviewing the records of activity of information security system on day to day basis. This includes reviewing incident tracking reports, audit logs, access reports and so on.

Success Criteria: Being able to detect and analyze any anomalies after reviewing information security system activity records on daily basis.

Source: www.gpo.gov