SOC-CMM: Business Domain - Charter
#2
Hi,

What is meant by 'accountability' is that you are aware as a SOC (or SOC manager) of what you can be held accountable for. A RACI matrix is a great way to define and explain your responsibilities and accountability, especially compared to other teams.

For example: the SOC may be responsible for vulnerability scanning and may be held accountable for timely scanning and providing reports and advisories to the organisation. However, follow-up (remediation: patching or applying configuration changes) is actually the responsibility of operational teams within the organisation (and they can be held accountable for timely remediation).

Regards,
Rob.


Messages In This Thread
SOC-CMM: Business Domain - Charter - by cgergen - 02-17-2022, 04:26 PM
RE: SOC-CMM: Business Domain - Charter - by robvanos - 02-18-2022, 11:46 AM
