πΌ CC7.3-5 Determines Confidential Information Used or Disclosed
- Contextual name: πΌ CC7.3-5 Determines Confidential Information Used or Disclosed
- ID:
/frameworks/soc-2/cc7/03/05 - Located in: πΌ CC7.3 The entity evaluates security events to determine whether they could or have resulted in a failure of the entity to meet its objectives (security incidents) and, if so, takes actions to prevent or address such failures.
Descriptionβ
When an unauthorized use or disclosure of confidential information has occurred, the affected information is identified and actions are taken to help prevent future recurrence and address control failures to support the achievement of entity objectives.
Similarβ
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (2)β
| Policy | Logic Count | Flags |
|---|---|---|
| π Google Cloud Audit Logging is not configured properly π’ | 1 | π’ x6 |
| π Google GCE Network DNS Policy Logging is not enabled π’ | 1 | π’ x6 |