Tutcyber

Continuous Monitoring between Audits

Purpose: Ensure controls are operating as designed. Identify control weaknesses and failure outside an audit setting. Communicate results to appropriate stakeholder. Scope:        All production devices controls will be tested for operating effectiveness over time focusing on: Execution against the defined security policies. Execution evidence maintenance availability. Timely deviation from policy documentation. Timely temporary failures of a control or loss of evidence documentation and communication.