CCC-07: Detection of Baseline Deviation

CSF v1.1 References:

PF v1.0 References:

Info icon.

Control is new to this version of the control set and incorporates the following control from the previous version: GRM-01: Baseline Requirements.

Control Statement

Implement detection measures with proactive notification in case of changes deviating from the established baseline.

Implementation Guidance

The organization should establish a policy and procedures to detect deviations from the established control baseline. When a deviation is detected, the organization should follow the incidence management policies and procedures defined in SEF-01.

Auditing Guidance

  1. Examine measures that evaluate the organization's compliance with the change management policy and determine if these measures are implemented according to policy control requirements.

[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.