ETSI - GS ISI 007

Information Security Indicators (ISI); Guidelines for building and operating a secured Security Operations Center (SOC)

active, Most Current
Organization: ETSI
Publication Date: 1 December 2018
Status: active
Page Count: 46
Scope:

The present document covers the 2 types of security incident detection services: internal and external.

The requirements can be implemented at 2 different levels: basic level (partial compliance), advanced level (full compliance).

The present document is structured as follows (after clauses 2 and 3 respectively dedicated to references and terms, symbols and abbreviations):

Clause 4 describes the activities to which the present document relates.

Clause 5 presents the requirements applicable to service providers (either internal or external) operating a SOC.

NOTE: These requirements, labelled with lowercase letters (a, b, c, etc.), stem from the requirements of a similar reference framework published by ANSSI [i.12], and their labelling is aligned with that framework; letters that do not appear correspond to requirements that were discarded or are not relevant.

Annex A presents the tasks and skills expected from the service provider's employees.

Annex B presents the recommendations for the commissioning entities when contracting with security incident detection providers.

Annex C defines the basic and partial level of implementation of the requirements.

Document History

GS ISI 007
December 1, 2018
Information Security Indicators (ISI); Guidelines for building and operating a secured Security Operations Center (SOC)
