compliance controls are associated with this Policy definition 'All flow log resources should be in enabled state' (27960feb-a23c-4577-8d36-ef8b5f35e0be)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| CIS_Azure_2.0.0 |
5.1.6 |
CIS_Azure_2.0.0_5.1.6 |
CIS Microsoft Azure Foundations Benchmark recommendation 5.1.6 |
5.1 |
Ensure that Network Security Group Flow logs are captured and sent to Log Analytics |
Shared |
The impact of configuring NSG Flow logs is primarily one of cost and configuration. If deployed, it will create storage accounts that hold minimal amounts of data on a 5-day lifecycle before feeding to Log Analytics Workspace.
This will increase the amount of data stored and used by Azure Monitor. |
Ensure that network flow logs are captured and fed into a central log analytics workspace.
Network Flow Logs provide valuable insight into the flow of traffic around your network and feed into both Azure Monitor and Azure Sentinel (if in use), permitting the generation of visual flow diagrams to aid with analyzing for lateral movement, etc. |
link |
3 |
| RBI_CSF_Banks_v2016 |
15.1 |
RBI_CSF_Banks_v2016_15.1 |
|
Data Leak Prevention Strategy |
Data Leak Prevention Strategy-15.1 |
|
n/a |
Develop a comprehensive data loss/leakage prevention strategy to safeguard sensitive (including confidential)business and customer data/information. |
|
8 |
| RBI_CSF_Banks_v2016 |
16.1 |
RBI_CSF_Banks_v2016_16.1 |
|
Maintenance, Monitoring, And Analysis Of Audit Logs |
Maintenance, Monitoring, And Analysis Of Audit Logs-16.1 |
|
n/a |
Consult all the stakeholders before finalising the scope, frequency and storage of log collection. |
|
5 |
| RBI_ITF_NBFC_v2017 |
3.1.g |
RBI_ITF_NBFC_v2017_3.1.g |
RBI IT Framework 3.1.g |
Information and Cyber Security |
Trails-3.1 |
|
n/a |
The IS Policy must provide for a IS framework with the following basic tenets:
Trails- NBFCs shall ensure that audit trails exist for IT assets satisfying its business requirements including regulatory and legal requirements, facilitating audit, serving as forensic evidence when required and assisting in dispute resolution. If an employee, for instance, attempts to access an unauthorized section, this improper activity should be recorded in the audit trail. |
link |
39 |
| RBI_ITF_NBFC_v2017 |
5 |
RBI_ITF_NBFC_v2017_5 |
RBI IT Framework 5 |
IS Audit |
Policy for Information System Audit (IS Audit)-5 |
|
n/a |
The objective of the IS Audit is to provide an insight on the effectiveness of controls that are in place to ensure confidentiality, integrity and availability of the organization???s IT infrastructure. IS Audit shall identify risks and methods to mitigate risk arising out of IT infrastructure such as server architecture, local and wide area networks, physical and information security, telecommunications etc. |
link |
14 |
| RMiT_v1.0 |
10.33 |
RMiT_v1.0_10.33 |
RMiT 10.33 |
Network Resilience |
Network Resilience - 10.33 |
Shared |
n/a |
A financial institution must design a reliable, scalable and secure enterprise network that is able to support its business activities, including future growth plans. |
link |
28 |
| RMiT_v1.0 |
Appendix_5.7 |
RMiT_v1.0_Appendix_5.7 |
RMiT Appendix 5.7 |
Control Measures on Cybersecurity |
Control Measures on Cybersecurity - Appendix 5.7 |
Customer |
n/a |
Ensure overall network security controls are implemented including the following:
(a) dedicated firewalls at all segments. All external-facing firewalls must be deployed on High Availability (HA) configuration and “fail-close” mode activated. Deploy different brand name/model for two firewalls located in sequence within the same network path;
(b) IPS at all critical network segments with the capability to inspect and monitor encrypted network traffic;
(c) web and email filtering systems such as web-proxy, spam filter and anti-spoofing controls;
(d) endpoint protection solution to detect and remove security threats including viruses and malicious software;
(e) solution to mitigate advanced persistent threats including zero-day and signatureless malware; and
(f) capture the full network packets to rebuild relevant network sessions to aid forensics in the event of incidents. |
link |
27 |
| SWIFT_CSCF_v2022 |
6.4 |
SWIFT_CSCF_v2022_6.4 |
SWIFT CSCF v2022 6.4 |
6. Detect Anomalous Activity to Systems or Transaction Records |
Record security events and detect anomalous actions and operations within the local SWIFT environment. |
Shared |
n/a |
Capabilities to detect anomalous activity are implemented, and a process or tool is in place to keep and review logs. |
link |
52 |