compliance controls are associated with this Policy definition 'Deploy Diagnostic Settings for Network Security Groups' (c9c29499-c1d1-4195-99bd-2ec9e3a9dc89)
Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
EU_GDPR_2016_679_Art. |
24 |
EU_GDPR_2016_679_Art._24 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 24 |
Chapter 4 - Controller and processor |
Responsibility of the controller |
Shared |
n/a |
n/a |
|
306 |
EU_GDPR_2016_679_Art. |
25 |
EU_GDPR_2016_679_Art._25 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 25 |
Chapter 4 - Controller and processor |
Data protection by design and by default |
Shared |
n/a |
n/a |
|
306 |
EU_GDPR_2016_679_Art. |
28 |
EU_GDPR_2016_679_Art._28 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 28 |
Chapter 4 - Controller and processor |
Processor |
Shared |
n/a |
n/a |
|
306 |
EU_GDPR_2016_679_Art. |
32 |
EU_GDPR_2016_679_Art._32 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 32 |
Chapter 4 - Controller and processor |
Security of processing |
Shared |
n/a |
n/a |
|
306 |
hipaa |
0860.09m1Organizational.9-09.m |
hipaa-0860.09m1Organizational.9-09.m |
0860.09m1Organizational.9-09.m |
08 Network Protection |
0860.09m1Organizational.9-09.m 09.06 Network Security Management |
Shared |
n/a |
The organization formally manages equipment on the network, including equipment in user areas. |
|
5 |
K_ISMS_P_2018 |
2.10.1 |
K_ISMS_P_2018_2.10.1 |
K ISMS P 2018 2.10.1 |
2.10 |
Establish Procedures for Managing the Security of System Operations |
Shared |
n/a |
Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. |
|
455 |
K_ISMS_P_2018 |
2.10.2 |
K_ISMS_P_2018_2.10.2 |
K ISMS P 2018 2.10.2 |
2.10 |
Establish Protective Measures for Administrator Privileges and Security Configurations |
Shared |
n/a |
Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. |
|
431 |
K_ISMS_P_2018 |
2.11.1 |
K_ISMS_P_2018_2.11.1 |
K ISMS P 2018 2.11.1 |
2.11 |
Establish Procedures for Managing Internal and External Intrusion Attempts |
Shared |
n/a |
Establish procedures for detecting, analyzing, sharing, and effectively responding to internal and external intrusion attempts to prevent personal information leakage. Additionally, implement a framework for collaboration with relevant external agencies and experts. |
|
82 |
K_ISMS_P_2018 |
2.11.3 |
K_ISMS_P_2018_2.11.3 |
K ISMS P 2018 2.11.3 |
2.11 |
Collect, Monitor, and Analyze Data and Network Traffic |
Shared |
n/a |
Collect, monitor, and analyze data and network traffic to respond to internal or external infringement attempts in a timely manner. |
|
45 |
K_ISMS_P_2018 |
2.11.5 |
K_ISMS_P_2018_2.11.5 |
K ISMS P 2018 2.11.5 |
2.11 |
Establish Procedures to Respond and Recover from Incidents |
Shared |
n/a |
Establish procedures to respond and recover from incidents in a timely manner, including legal obligations for disclosing information. Additional procedures must be established and implemented to prevent recurrence. |
|
82 |
K_ISMS_P_2018 |
2.6.1 |
K_ISMS_P_2018_2.6.1 |
K ISMS P 2018 2.6.1 |
2.6 |
Establish Network Management Procedures |
Shared |
n/a |
Establish and implement network management procedures such as IP management, terminal authentication, and network segregation according to business purpose and criticality. |
|
25 |
K_ISMS_P_2018 |
2.9.2a |
K_ISMS_P_2018_2.9.2a |
K ISMS P 2018 2.9.2a |
2.9.2a |
Establish Procedures for Information System Failures |
Shared |
n/a |
Establish procedures to detect, record, analyze, report, and respond to information system failures. |
|
63 |
K_ISMS_P_2018 |
2.9.4 |
K_ISMS_P_2018_2.9.4 |
K ISMS P 2018 2.9.4 |
2.9 |
Maintain Logs and Establish Log Management Procedures |
Shared |
n/a |
Maintain log records for servers, applications, security systems, and networks. Define log types, access permissions, retention periods, and storage methods to ensure secure retention and prevent forgery, alteration, theft, and loss. |
|
61 |