Information Gathering -> Monitoring: Alerting
Risk and Opportunity
Risk: Incidents are discovered after they happend.
Opportunity: Thresholds for metrics are set. In case the thresholds are reached, alarms are send out. Which should get attention due to the critically.
Usefullness: Very High
Required knowledge: Low (one discipline)
Required time: Very High
Required resources (systems): Very High
Dependencies: Visualized metrics
OWASP SAMM 1 Mapping: OE1-B
OWASP SAMM 2 Mapping: o-operational-management|B|3
ISO27001:2017 Controls Mapping: