SI-2 Flaw Remediation
Control: Identify, report, and correct system flaws.
Illustrative Controls and TIBCO LogLogic Solution
The problem management system should provide for adequate audit trail facilities that allow tracking, analyzing, and determining the root cause of all reported problems considering:
Managing problems and incidents addresses on how an organization identifies documents and responds to events that fall outside of normal operations. You must maintain a complete and accurate audit trail for network devices, servers and applications, This enables you to address how your business identify the root causes of issues that might introduce inaccuracy in reporting. Also, your problem management system must provide for adequate audit trail facilities that allow tracing from incident to underlying cause.
By alerting on any failures that occur, administrators can respond rapidly to potential problems and incidents that might affect availability, security, or performance. Real-time data monitoring and reporting capabilities reduce time to repair after incidents, reducing costs, and improving application availability.
To satisfy this control objective, administrators must ensure all reporting related network devices, servers, and applications are properly configured to log to a centralized server. Administrators must also periodically review logging status to ensure these devices, servers, and applications are logging correctly.
System event data must be sufficiently retained to provide chronological information and logs to enable the review, examination, and reconstruction of system and data processing. System event data can also be used to provide reasonable assurance as to the completeness and timeliness of system and data processing.