SI-4(5)—Information System Monitoring

PBMM (P2)

Secret (P2)

Operational

>Control Description

INFORMATION SYSTEM MONITORING | SYSTEM-GENERATED ALERTS The information system alerts ⚙organization-defined personnel or roles when the following indications of compromise or potential compromise occur: ⚙organization-defined compromise indicators.

>Supplemental Guidance

Alerts may be generated from a variety of sources, including, for example, audit records or inputs from malicious code protection mechanisms, intrusion detection or prevention mechanisms, or boundary protection devices such as firewalls, gateways, and routers. Alerts can be transmitted, for example, telephonically, by electronic mail messages, or by text messaging. Organizational personnel on the notification list can include, for example, system administrators, mission/business owners, system owners, or information system security officers.

Related controls: AU-5, PE-6.

>Tailoring Guidance

This security control/enhancement is considered to be best practice. Consequently, inclusion in a departmental profile is strongly encouraged in most cases.

>Profile-Specific Parameters

indicators [Authorizer defined list of compromise indicators]

Ask AI

Configure your API key to use AI features.