compliance controls are associated with this Policy definition 'Network Watcher flow logs should have traffic analytics enabled' (2f080164-9f4d-497e-9db6-416dc9f7b48a)
Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
DORA_2022_2554 |
10.1 |
DORA_2022_2554_10.1 |
DORA 2022 2554 10.1 |
10 |
Implement Mechanisms to Detect Anomalous Activities in ICT Systems |
Shared |
n/a |
Establish mechanisms to detect anomalous activities within information and communication technology (ICT) systems, including network performance issues and ICT-related incidents. Additionally, identify potential material single points of failure to enhance overall system resilience and response capabilities. |
|
38 |
DORA_2022_2554 |
10.2 |
DORA_2022_2554_10.2 |
DORA 2022 2554 10.2 |
10 |
Establish Multi-Layered Detection Mechanisms for ICT Incidents |
Shared |
n/a |
Implement detection mechanisms that provide multiple layers of control, defining alert thresholds and criteria to trigger information and communication technology (ICT) related incident response processes. This includes automated alert mechanisms to notify resources managing ICT-related incidents. |
|
40 |
K_ISMS_P_2018 |
2.10.1 |
K_ISMS_P_2018_2.10.1 |
K ISMS P 2018 2.10.1 |
2.10 |
Establish Procedures for Managing the Security of System Operations |
Shared |
n/a |
Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. |
|
408 |
K_ISMS_P_2018 |
2.10.2 |
K_ISMS_P_2018_2.10.2 |
K ISMS P 2018 2.10.2 |
2.10 |
Establish Protective Measures for Administrator Privileges and Security Configurations |
Shared |
n/a |
Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. |
|
385 |
K_ISMS_P_2018 |
2.11.1 |
K_ISMS_P_2018_2.11.1 |
K ISMS P 2018 2.11.1 |
2.11 |
Establish Procedures for Managing Internal and External Intrusion Attempts |
Shared |
n/a |
Establish procedures for detecting, analyzing, sharing, and effectively responding to internal and external intrusion attempts to prevent personal information leakage. Additionally, implement a framework for collaboration with relevant external agencies and experts. |
|
57 |
K_ISMS_P_2018 |
2.11.3 |
K_ISMS_P_2018_2.11.3 |
K ISMS P 2018 2.11.3 |
2.11 |
Collect, Monitor, and Analyze Data and Network Traffic |
Shared |
n/a |
Collect, monitor, and analyze data and network traffic to respond to internal or external infringement attempts in a timely manner. |
|
31 |
K_ISMS_P_2018 |
2.11.5 |
K_ISMS_P_2018_2.11.5 |
K ISMS P 2018 2.11.5 |
2.11 |
Establish Procedures to Respond and Recover from Incidents |
Shared |
n/a |
Establish procedures to respond and recover from incidents in a timely manner, including legal obligations for disclosing information. Additional procedures must be established and implemented to prevent recurrence. |
|
57 |
K_ISMS_P_2018 |
2.9.4 |
K_ISMS_P_2018_2.9.4 |
K ISMS P 2018 2.9.4 |
2.9 |
Maintain Logs and Establish Log Management Procedures |
Shared |
n/a |
Maintain log records for servers, applications, security systems, and networks. Define log types, access permissions, retention periods, and storage methods to ensure secure retention and prevent forgery, alteration, theft, and loss. |
|
45 |
RBI_CSF_Banks_v2016 |
16.1 |
RBI_CSF_Banks_v2016_16.1 |
|
Maintenance, Monitoring, And Analysis Of Audit Logs |
Maintenance, Monitoring, And Analysis Of Audit Logs-16.1 |
|
n/a |
Consult all the stakeholders before finalising the scope, frequency and storage of log collection. |
|
5 |
RBI_CSF_Banks_v2016 |
4.2 |
RBI_CSF_Banks_v2016_4.2 |
|
Network Management And Security |
Network Inventory-4.2 |
|
n/a |
Maintain an up-to-date/centralised inventory of authorised devices connected to bank???s network (within/outside bank???s premises) and authorised devices enabling the bank???s network. The bank may consider implementing solutions to automate network discovery and management. |
|
4 |
RBI_ITF_NBFC_v2017 |
3.1.g |
RBI_ITF_NBFC_v2017_3.1.g |
RBI IT Framework 3.1.g |
Information and Cyber Security |
Trails-3.1 |
|
n/a |
The IS Policy must provide for a IS framework with the following basic tenets:
Trails- NBFCs shall ensure that audit trails exist for IT assets satisfying its business requirements including regulatory and legal requirements, facilitating audit, serving as forensic evidence when required and assisting in dispute resolution. If an employee, for instance, attempts to access an unauthorized section, this improper activity should be recorded in the audit trail. |
link |
33 |
SWIFT_CSCF_v2022 |
6.4 |
SWIFT_CSCF_v2022_6.4 |
SWIFT CSCF v2022 6.4 |
6. Detect Anomalous Activity to Systems or Transaction Records |
Record security events and detect anomalous actions and operations within the local SWIFT environment. |
Shared |
n/a |
Capabilities to detect anomalous activity are implemented, and a process or tool is in place to keep and review logs. |
link |
47 |