02-20-2019, 02:06 PM
The SOC-CMM survey has indicated that some users are looking for additions to the SOC-CMM business domain. Which additions should be considered?
02-20-2019, 02:06 PM
04-10-2019, 05:54 AM
Probably 2.2.9 - Human Resource
Remarks - Disciplinary review of web accesses habits or other employee system reviews that are legally allowed such as in the case of harassment
Remarks - Disciplinary review of web accesses habits or other employee system reviews that are legally allowed such as in the case of harassment
04-10-2019, 11:44 AM
Agreed! Web access habits could be a compliance issue as well, so I suppose the compliance department is also a potential customer. That's probably true for all departments concerned with policy violations.
I hadn't considered harassment yet, but of course if it contains a digital component forensic analysis or monitoring could be called upon. I'll add this to the next release of the SOC-CMM.
I hadn't considered harassment yet, but of course if it contains a digital component forensic analysis or monitoring could be called upon. I'll add this to the next release of the SOC-CMM.
04-12-2020, 06:38 PM
Compliance, Data Privacy and Data Ownership are areas that impact a SOC team operationally as part of incident response process. Cohesion and effective involvement of Data Protection officers/function in SOC process is important. Please see if you can cover this as an area of extension of Business Domain.