DCS-11: Unauthorized Access Response Training

Control Family:

Datacenter Security

CSF v1.1 References:

PF v1.0 References:

Info icon.

Control is new to this version of the control set and incorporates the following item from the previous version: HRS-09: Training / Awareness.

Control Statement

Train datacenter personnel to respond to unauthorized ingress or egress attempts.

Implementation Guidance

Comprehensive training on detecting and responding to various kinds of unauthorized access attempts must be provided to relevant data center personnel and issued periodically.

Auditing Guidance

  1. Examine the policy and procedures relating to activities and actions to perform in case of unauthorized access.
  2. Examine the policy and procedures related to datacenter’s personnel training.
  3. Determine if the training content is appropriate and approved by the organization.
  4. Ascertain that appropriate datacenter personnel have completed all relevant training through review of training plans and records. Confirm that these have been completed in accordance with policy and procedures.

[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.