⭐ Repository → 💼 SOC 2 → 💼 CC7 System Operations → 💼 CC7.2 The entity monitors system components and the operation of those components for anomalies that are indicative of malicious acts, natural disasters, and errors affecting the entity's ability to meet its objectives; anomalies are analyzed to determine whether they represent security events.

💼 CC7.2-1 Implements Detection Policies, Procedures, and Tools

• ID: /frameworks/soc-2/cc7/02/01

Description

Detection policies and procedures are defined and implemented, and detection tools are implemented on Infrastructure and software to identify anomalies in the operation or unusual activity on systems. Procedures may include (1) a defined governance process for security event detection and management that includes provision of resources; (2) use of intelligence sources to identify newly discovered threats and vulnerabilities; and (3) logging of unusual system activities.

Similar

• Internal
  • ID: dec-c-b18dc75d

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (7)

Policy	Logic Count	Flags	Compliance
🛡️ Google Cloud PostgreSQL Instance Log_error_verbosity Database Flag is not set to DEFAULT or stricter🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_connections Database Flag is not set to On🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_disconnections Database Flag is not set to On🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_min_error_statement Database Flag is not set to Error or stricter🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_min_messages Database Flag is not set at minimum to Warning🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_statement Database Flag is not set appropriately🟢	1	🟢 x6	no data
🛡️ Google GCE Subnetwork Flow Logs are not enabled🟢	1	🟢 x6	no data