Which extension should be done to the business domain?
#1
The SOC-CMM survey has indicated that some users are looking for additions to the SOC-CMM business domain. Which additions should be considered?
Keep calm and share knowledge
Reply
#2
Probably 2.2.9 - Human Resource
Remarks - Disciplinary review of web access habits or other employee system reviews that are legally allowed, such as in the case of harassment
Reply
#3
Agreed! Web access habits could be a compliance issue as well, so I suppose the compliance department is also a potential customer. That's probably true for all departments concerned with policy violations.

I hadn't considered harassment yet, but of course if it contains a digital component, forensic analysis or monitoring could be called upon. I'll add this to the next release of the SOC-CMM.
Reply
#4
Compliance, Data Privacy and Data Ownership are areas that impact a SOC team operationally as part of the incident response process. Cohesion and effective involvement of Data Protection officers/function in the SOC process is important. Please see if you can cover this as an area of extension of the Business Domain.
Reply

