Fork me on GitHub

InformationGathering -> Monitoring: Alerting

Risk and Opportunity

Risk: Incidents are discovered after they happened.
Opportunity: Thresholds for metrics are set. In case the thresholds are reached, alarms are send out. Which should get attention due to the critically.

Usefulness and Requirements of this Activitiy

Usefullness: Very High
Required knowledge: Low (one discipline)
Required time: Very High
Required resources (systems): Very High

Additional Information

Dependencies: Visualized metrics

OWASP SAMM VERSION 2

ISO27001 2017