opencybersecurityalliance / documentation

This repository contains Enablement Documentation (STIX Shifter), Workgroup documents and materials (Endpoint), Working documents and output from the "Architecture Working Group", Architecture workgroup meeting minutes and recordings

Architecture: Security Automation Workflow Enumeration #10

Open adammontville opened 3 years ago

adammontville commented 3 years ago

Provide an example of workflows from an existing project (CIS 7.1 Controls)

adammontville commented 3 years ago

Just an update on this effort. I seem to have lost the initial work I did on this, so I'll restart and have something prior to the next meeting. So, still in progress.

adammontville commented 3 years ago

oca-architecture-wg-controls-workflow-analysis.pdf

That short deck, I hope, describes what I could find in v7.1 of the CIS Controls for cross-functional workflows. I see evidence of workflows in what the Controls call "ERD" diagrams (they're more like system relationship diagrams). These diagrams don't indicate more than the relationship (no protocol or data format information is included). Some sub-control descriptions and "Procedures and Tools" sections will allude to workflows, but don't explicitly talk about them. I combined a number of these diagrams into one view, and believe that any orchestration, interaction, or workflow implementation is being obscured in what is labeled as an "Alerting/Reporting Analytics System".

Then, each of the management areas (asset, configuration, vulnerability, log, etc.) relates to computing/network devices and is connected to the alerting/reporting analytics system, and I presume that the alerting would trigger some other process. That triggering and the process itself appear to be out of scope of the document.