Fork me on GitHub

InformationGathering -> Monitoring: Targeted alerting

Risk and Opportunity

Risk: People are bored (ignorant) of incident alarm messages, as they are not responsible to react.
Opportunity: By the definition of target groups for incidents people are only getting alarms for incidents they are in charge for.

Usefulness and Requirements of this Activitiy

Usefullness: Very High
Required knowledge: Low (one discipline)
Required time: Very High
Required resources (systems): Very High

Additional Information

Dependencies: Alerting

OWASP SAMM VERSION 2

ISO27001 2017