framework-mcp 2.4.3 → 2.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -2895,19 +2895,17 @@ export class SafeguardManager {
2895
2895
  title: "Establish and Maintain a Secure Configuration Process",
2896
2896
  description: "Establish and maintain a documented secure configuration process for enterprise assets (end-user devices, including portable and mobile; non-computing/IoT devices; and servers) and software (operating systems and applications). Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.",
2897
2897
  implementationGroup: "IG1",
2898
- assetType: ["end-user devices", "network devices", "IoT devices", "servers", "Software"],
2898
+ assetType: ["Docuemntation"],
2899
2899
  securityFunction: ["Govern"],
2900
2900
  governanceElements: [ // Orange - MUST be met
2901
2901
  "Establish",
2902
2902
  "Maintain",
2903
- "Documented Secure Configuration Process",
2904
2903
  "Review and update documentation",
2905
2904
  "Annually",
2906
2905
  "When significant enterprise changes occur that could impact this Safeguard"
2907
2906
  ],
2908
2907
  coreRequirements: [ // Green - The "what"
2909
- "documented secure configuration process for enterprise assets",
2910
- "documented secure configuration process for software"
2908
+ "documented secure configuration process"
2911
2909
  ],
2912
2910
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
2913
2911
  "Enterprise assets",
@@ -2917,12 +2915,9 @@ export class SafeguardManager {
2917
2915
  "Portable",
2918
2916
  "Non-computing/IoT devices",
2919
2917
  "Servers",
2920
- "OS",
2921
- "Software"
2918
+ "OS"
2922
2919
  ],
2923
2920
  implementationSuggestions: [ // Gray - Implementation suggestions
2924
- "Secure Configuration Policy / Process",
2925
- "Configuration Management Tool"
2926
2921
  ],
2927
2922
  relatedSafeguards: ["1.1", "2.1", "4.2", "4.3", "4.4", "4.5", "4.6", "4.7", "4.8", "4.9", "4.10", "4.11", "4.12"],
2928
2923
  systemPromptFull: {
@@ -3010,25 +3005,22 @@ export class SafeguardManager {
3010
3005
  title: "Establish and Maintain a Secure Configuration Process for Network Infrastructure",
3011
3006
  description: "Establish and maintain a documented secure configuration process for network devices. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.",
3012
3007
  implementationGroup: "IG1",
3013
- assetType: ["network devices"],
3008
+ assetType: ["Documentation"],
3014
3009
  securityFunction: ["Govern"],
3015
3010
  governanceElements: [ // Orange - MUST be met
3016
3011
  "Establish",
3017
3012
  "Maintain",
3018
- "Documented Secure Network Configuration Process",
3019
3013
  "Review and update documentation",
3020
3014
  "Annually",
3021
3015
  "When significant enterprise changes occur that could impact this Safeguard"
3022
3016
  ],
3023
3017
  coreRequirements: [ // Green - The "what"
3024
- "documented secure configuration process for network devices"
3018
+ "documented secure configuration process"
3025
3019
  ],
3026
3020
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3027
3021
  "Network devices"
3028
3022
  ],
3029
3023
  implementationSuggestions: [ // Gray - Implementation suggestions
3030
- "Secure Configuration Policy / Process",
3031
- "Configuration Management Tool"
3032
3024
  ],
3033
3025
  relatedSafeguards: ["1.1", "2.1", "3.10", "4.1", "6.4", "8.1", "12.1", "12.2", "12.3", "12.4", "12.5", "13.3", "13.4", "13.6", "13.8", "13.9", "13.10"],
3034
3026
  systemPromptFull: {
@@ -3116,7 +3108,7 @@ export class SafeguardManager {
3116
3108
  title: "Configure Automatic Session Locking on Enterprise Assets",
3117
3109
  description: "Configure automatic session locking on enterprise assets after a defined period of inactivity. For general purpose operating systems, the period Must Not Exceed 15 minutes. For mobile end-user devices, the period must not exceed 2 minutes.",
3118
3110
  implementationGroup: "IG1",
3119
- assetType: ["devices"],
3111
+ assetType: ["Devices"],
3120
3112
  securityFunction: ["Protect"],
3121
3113
  governanceElements: [ // Orange - MUST be met
3122
3114
  "Configure",
@@ -3124,18 +3116,14 @@ export class SafeguardManager {
3124
3116
  "Period must not exceed for 2 Minutes"
3125
3117
  ],
3126
3118
  coreRequirements: [ // Green - The "what"
3127
- "automatic session locking on enterprise assets after a defined period of inactivity",
3128
- "general purpose operating systems",
3129
- "mobile end-user devices"
3119
+ "automatic session locking on enterprise assets"
3130
3120
  ],
3131
3121
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3132
- "Automatic Session Locking",
3133
3122
  "Period of inactivity",
3134
3123
  "General Purpose OSs",
3135
3124
  "Mobile end-user devices"
3136
3125
  ],
3137
3126
  implementationSuggestions: [ // Gray - Implementation suggestions
3138
- "Configuration Management Tool"
3139
3127
  ],
3140
3128
  relatedSafeguards: ["4.1"],
3141
3129
  systemPromptFull: {
@@ -3223,7 +3211,7 @@ export class SafeguardManager {
3223
3211
  title: "Implement and Manage a Firewall on Servers",
3224
3212
  description: "Implement and manage a firewall on servers, where supported. Example implementations include a virtual firewall, operating system firewall, or a third-party firewall agent.",
3225
3213
  implementationGroup: "IG1",
3226
- assetType: ["devices"],
3214
+ assetType: ["Devices"],
3227
3215
  securityFunction: ["Protect"],
3228
3216
  governanceElements: [ // Orange - MUST be met
3229
3217
  "Implement",
@@ -3240,8 +3228,6 @@ export class SafeguardManager {
3240
3228
  "Virtual Firewall",
3241
3229
  "OS Firewall",
3242
3230
  "Third Party Firewall",
3243
- "Firewall",
3244
- "Configuration Management Tool"
3245
3231
  ],
3246
3232
  relatedSafeguards: ["4.1"],
3247
3233
  systemPromptFull: {
@@ -3329,21 +3315,18 @@ export class SafeguardManager {
3329
3315
  title: "Implement and Manage a Firewall on End-User Devices",
3330
3316
  description: "Implement and manage a host-based firewall or port-filtering tool on end-user devices, with a default-deny rule that drops all traffic except those services and ports that are explicitly allowed.",
3331
3317
  implementationGroup: "IG1",
3332
- assetType: ["devices"],
3318
+ assetType: ["Devices"],
3333
3319
  securityFunction: ["Protect"],
3334
3320
  governanceElements: [ // Orange - MUST be met
3335
3321
  "Implement",
3336
- "Manage",
3337
- "Default deny rule that drops all traffic",
3338
- "Except Explicitly Allowed"
3322
+ "Manage"
3339
3323
  ],
3340
3324
  coreRequirements: [ // Green - The "what"
3341
3325
  "host-based firewall or port-filtering tool on end-user devices"
3342
3326
  ],
3343
3327
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3344
- "Host-based Firewall",
3345
- "Port Filtering Tool",
3346
- "End User Devices",
3328
+ "Default Deny Rule that drops all traffic",
3329
+ "Except Explicitly Allowed",
3347
3330
  "Services",
3348
3331
  "Ports"
3349
3332
  ],
@@ -3437,7 +3420,7 @@ export class SafeguardManager {
3437
3420
  title: "Securely Manage Enterprise Assets and Software",
3438
3421
  description: "Securely manage enterprise assets and software. Example implementations include managing configuration through version-controlled- Infrastructure-as-Code (IaC) and accessing administrative interfaces over secure network protocols, such as Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS). Do not use insecure management protocols, such as Telnet (Teletype Network) and HTTP, unless operationally essential.",
3439
3422
  implementationGroup: "IG1",
3440
- assetType: ["devices", "Software"],
3423
+ assetType: ["Devices"],
3441
3424
  securityFunction: ["Protect"],
3442
3425
  governanceElements: [ // Orange - MUST be met
3443
3426
  "Do not use insecure management protocols",
@@ -3447,16 +3430,14 @@ export class SafeguardManager {
3447
3430
  "Securely manage enterprise assets and software"
3448
3431
  ],
3449
3432
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3450
- "Securely manage enterprise assets and software"
3433
+ "Securely manage enterprise assets and software",
3434
+ "Do not use insecure management protocols unless operationally essential"
3451
3435
  ],
3452
3436
  implementationSuggestions: [ // Gray - Implementation suggestions
3453
3437
  "Manage configuration through version-controlled Infrastructure-as-Code (IaC)",
3454
3438
  "Accessing administrative interfaces over secure network protocols",
3455
- "SSH",
3456
- "HTTPS",
3457
- "Telnet (Teletype Network)",
3458
- "HTTP",
3459
- "Configuration Management Tool"
3439
+ "SSH instead of TELNET",
3440
+ "HTTPS instead of HTTP",
3460
3441
  ],
3461
3442
  relatedSafeguards: ["4.1", "12.3"],
3462
3443
  systemPromptFull: {
@@ -3544,26 +3525,22 @@ export class SafeguardManager {
3544
3525
  title: "Manage Default Accounts on Enterprise Assets and Software",
3545
3526
  description: "Manage default accounts on enterprise assets and software, such as root, administrator, and other pre-configured vendor accounts. Example implementations can include: disabling default accounts or making them unusable.",
3546
3527
  implementationGroup: "IG1",
3547
- assetType: ["devices", "Software", "users"],
3528
+ assetType: ["Users"],
3548
3529
  securityFunction: ["Protect"],
3549
3530
  governanceElements: [ // Orange - MUST be met
3550
3531
  "Manage"
3551
3532
  ],
3552
3533
  coreRequirements: [ // Green - The "what"
3553
- "default accounts on enterprise assets and software"
3534
+ "default accounts"
3554
3535
  ],
3555
3536
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3556
- "Default accounts",
3557
3537
  "Enterprise assets",
3558
- "Software",
3559
- "Root",
3560
- "Administrator",
3561
- "Other pre-configured vendor accounts"
3538
+ "Software"
3562
3539
  ],
3563
3540
  implementationSuggestions: [ // Gray - Implementation suggestions
3564
- "Disabling",
3565
- "Unusable",
3566
- "Configuration Management Tool"
3541
+ "Disabling them",
3542
+ "making them Unusable",
3543
+ "Root, Administrator, or other pre-configured vendor accounts"
3567
3544
  ],
3568
3545
  relatedSafeguards: ["4.1"],
3569
3546
  systemPromptFull: {
@@ -3651,25 +3628,23 @@ export class SafeguardManager {
3651
3628
  title: "Uninstall or Disable Unnecessary Services on Enterprise Assets and Software",
3652
3629
  description: "Uninstall or disable unnecessary services on enterprise assets and software, such as an unused file sharing service, web application module, or service function.",
3653
3630
  implementationGroup: "IG2",
3654
- assetType: ["devices", "Software"],
3631
+ assetType: ["Devices", "Software"],
3655
3632
  securityFunction: ["Protect"],
3656
3633
  governanceElements: [ // Orange - MUST be met
3657
3634
  "Uninstall",
3658
3635
  "Disable"
3659
3636
  ],
3660
3637
  coreRequirements: [ // Green - The "what"
3661
- "unnecessary services on enterprise assets and software"
3638
+ "unnecessary services"
3662
3639
  ],
3663
3640
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3664
- "Unnecessary Services",
3665
3641
  "Enterprise assets",
3666
- "Software",
3667
- "Unused file sharing service",
3668
- "Web application module",
3669
- "Service function"
3642
+ "Software"
3670
3643
  ],
3671
3644
  implementationSuggestions: [ // Gray - Implementation suggestions
3672
- "Configuration Management Tool"
3645
+ "Unused File Sharing Services",
3646
+ "Web Application Module",
3647
+ "Service Function"
3673
3648
  ],
3674
3649
  relatedSafeguards: ["4.1"],
3675
3650
  systemPromptFull: {
@@ -3757,22 +3732,20 @@ export class SafeguardManager {
3757
3732
  title: "Configure Trusted DNS Servers on Enterprise Assets",
3758
3733
  description: "Configure trusted DNS servers on enterprise assets. Example implementations include: configuring assets to use enterprise-controlled DNS servers and/or reputable externally accessible DNS servers.",
3759
3734
  implementationGroup: "IG2",
3760
- assetType: ["devices"],
3735
+ assetType: ["Devices"],
3761
3736
  securityFunction: ["Protect"],
3762
3737
  governanceElements: [ // Orange - MUST be met
3763
3738
  "Configure"
3764
3739
  ],
3765
3740
  coreRequirements: [ // Green - The "what"
3766
- "trusted DNS servers on enterprise assets"
3741
+ "trusted DNS servers"
3767
3742
  ],
3768
3743
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3769
- "Trusted DNS Servers",
3770
3744
  "Enterprise assets"
3771
3745
  ],
3772
3746
  implementationSuggestions: [ // Gray - Implementation suggestions
3773
3747
  "Configuring assets to use enterprise-controlled DNS servers",
3774
- "Reputable externally accessible DNS servers",
3775
- "Configuration Management Tool"
3748
+ "Reputable externally accessible DNS servers"
3776
3749
  ],
3777
3750
  relatedSafeguards: ["4.1", "8.6", "9.2"],
3778
3751
  systemPromptFull: {
@@ -3860,7 +3833,7 @@ export class SafeguardManager {
3860
3833
  title: "Enforce Automatic Device Lockout on Portable End-User Devices",
3861
3834
  description: "Enforce automatic device lockout following a predetermined threshold of local failed authentication attempts on portable end-user devices, where supported. For laptops, do not allow more than 20 failed authentication attempts; for tablets and smartphones, no more than 10 failed authentication attempts. Example implementations include Microsoft® InTune Device Lock and Apple® Configuration Profile maxFailedAttempts.",
3862
3835
  implementationGroup: "IG2",
3863
- assetType: ["devices"],
3836
+ assetType: ["Devices"],
3864
3837
  securityFunction: ["Protect"],
3865
3838
  governanceElements: [ // Orange - MUST be met
3866
3839
  "Enforce",
@@ -3869,14 +3842,13 @@ export class SafeguardManager {
3869
3842
  "No more than 10 Failed Authentication Attempts"
3870
3843
  ],
3871
3844
  coreRequirements: [ // Green - The "what"
3872
- "automatic device lockout following a predetermined threshold of local failed authentication attempts on portable end-user devices"
3845
+ "automatic device lockout"
3873
3846
  ],
3874
3847
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3875
- "Automatic Device Lockout",
3876
- "Predetermined threshold of local failed authentication attempts",
3877
- "Portable end-user devices",
3878
- "Laptops",
3879
- "Tablets and smartphones"
3848
+ "After a Predetermined threshold of local failed authentication attempts",
3849
+ "On Portable end-user devices",
3850
+ "Such as Laptops",
3851
+ "Such as Tablets and smartphones"
3880
3852
  ],
3881
3853
  implementationSuggestions: [ // Gray - Implementation suggestions
3882
3854
  "Microsoft® InTune Device Lock",
@@ -3969,24 +3941,22 @@ export class SafeguardManager {
3969
3941
  title: "Enforce Remote Wipe Capability on Portable End-User Devices",
3970
3942
  description: "Remotely wipe enterprise data from enterprise-owned portable end-user devices when deemed appropriate such as lost or stolen devices, or when an individual no longer supports the enterprise.",
3971
3943
  implementationGroup: "IG2",
3972
- assetType: ["devices"],
3944
+ assetType: ["Devices"],
3973
3945
  securityFunction: ["Protect"],
3974
3946
  governanceElements: [ // Orange - MUST be met
3975
3947
  "When deemed appropriate"
3976
3948
  ],
3977
3949
  coreRequirements: [ // Green - The "what"
3978
- "Remotely wipe enterprise data from enterprise-owned portable end-user devices"
3950
+ "Remotely wipe enterprise data"
3979
3951
  ],
3980
3952
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
3981
- "Remotely Wipe enterprise data",
3982
- "Portable end-user devices",
3953
+ "Portable end-user devices"
3954
+ ],
3955
+ implementationSuggestions: [ // Gray - Implementation suggestions
3983
3956
  "Lost devices",
3984
3957
  "Stolen devices",
3985
3958
  "When an individual no longer supports the enterprise"
3986
3959
  ],
3987
- implementationSuggestions: [ // Gray - Implementation suggestions
3988
- "Configuration Management Tool"
3989
- ],
3990
3960
  relatedSafeguards: ["4.1"],
3991
3961
  systemPromptFull: {
3992
3962
 
@@ -4073,7 +4043,7 @@ export class SafeguardManager {
4073
4043
  title: "Separate Enterprise Workspaces on Mobile End-User Devices",
4074
4044
  description: "Ensure separate enterprise workspaces are used on mobile end-user devices, where supported. Example implementations include using an Apple® Configuration Profile or AndroidTM Work Profile to separate enterprise applications and data from personal applications and data.",
4075
4045
  implementationGroup: "IG3",
4076
- assetType: ["devices", "Data"],
4046
+ assetType: ["Data"],
4077
4047
  securityFunction: ["Protect"],
4078
4048
  governanceElements: [ // Orange - MUST be met
4079
4049
  "Ensure",
@@ -4083,17 +4053,12 @@ export class SafeguardManager {
4083
4053
  "separate enterprise workspaces are used on mobile end-user devices"
4084
4054
  ],
4085
4055
  subTaxonomicalElements: [ // Yellow - Sub-taxonomical elements
4086
- "Separate enterprise workspaces",
4087
- "On Mobile Devices",
4088
- "Enterprise Applications",
4089
- "Enterprise Data",
4090
- "Personal Applications",
4091
- "Personal Data"
4056
+ "Enterprise Applications and Enterprise Data",
4057
+ "Seperate from Personal Applications and Personal Data"
4092
4058
  ],
4093
4059
  implementationSuggestions: [ // Gray - Implementation suggestions
4094
4060
  "Apple® Configuration Profile",
4095
- "AndroidTM Work Profile",
4096
- "Configuration Management Tool"
4061
+ "AndroidTM Work Profile"
4097
4062
  ],
4098
4063
  relatedSafeguards: ["4.1"],
4099
4064
  systemPromptFull: {
@@ -4181,7 +4146,7 @@ export class SafeguardManager {
4181
4146
  title: "Establish and Maintain an Inventory of Accounts",
4182
4147
  description: "Establish and maintain an inventory of all accounts managed in the enterprise. The inventory must include both user and administrator accounts. The inventory, at a minimum, should contain the person's name, username, start/stop dates, and department. Validate that all active accounts are authorized, on a recurring schedule at a minimum quarterly, or more frequently.",
4183
4148
  implementationGroup: "IG1",
4184
- assetType: ["users"],
4149
+ assetType: ["Users"],
4185
4150
  securityFunction: ["Identify"],
4186
4151
  governanceElements: [ // Orange - MUST be met
4187
4152
  "Establish and maintain an inventory of all accounts managed in the enterprise",
@@ -4298,7 +4263,7 @@ export class SafeguardManager {
4298
4263
  title: "Use Unique Passwords",
4299
4264
  description: "Use unique passwords for all enterprise assets. Best practice implementation includes, at a minimum, an 8-character password for accounts using Multi-Factor Authentication (MFA) and a 14-character password for accounts not using MFA.",
4300
4265
  implementationGroup: "IG1",
4301
- assetType: ["users"],
4266
+ assetType: ["Users"],
4302
4267
  securityFunction: ["Protect"],
4303
4268
  governanceElements: [ // Orange - MUST be met
4304
4269
  "Use unique passwords for all enterprise assets",
@@ -4404,7 +4369,7 @@ export class SafeguardManager {
4404
4369
  title: "Disable Dormant Accounts",
4405
4370
  description: "Delete or disable any dormant accounts after a period of 45 days of inactivity, where supported.",
4406
4371
  implementationGroup: "IG1",
4407
- assetType: ["users"],
4372
+ assetType: ["Users"],
4408
4373
  securityFunction: ["Protect"],
4409
4374
  governanceElements: [ // Orange - MUST be met
4410
4375
  "Delete or disable any dormant accounts after a period of 45 days of inactivity, where supported"
@@ -4508,7 +4473,7 @@ export class SafeguardManager {
4508
4473
  title: "Restrict Administrator Privileges to Dedicated Administrator Accounts",
4509
4474
  description: "Restrict administrator privileges to dedicated administrator accounts on enterprise assets. Conduct general computing activities, such as internet browsing, email, and productivity suite use, from the user's primary, non-privileged account.",
4510
4475
  implementationGroup: "IG1",
4511
- assetType: ["users"],
4476
+ assetType: ["Users"],
4512
4477
  securityFunction: ["Protect"],
4513
4478
  governanceElements: [ // Orange - MUST be met
4514
4479
  "Restrict administrator privileges to dedicated administrator accounts on enterprise assets",
@@ -4618,7 +4583,7 @@ export class SafeguardManager {
4618
4583
  title: "Establish and Maintain an Inventory of Service Accounts",
4619
4584
  description: "Establish and maintain an inventory of service accounts. The inventory, at a minimum, must contain department owner, review date, and purpose. Perform service account reviews to validate that all active accounts are authorized, on a recurring schedule at a minimum quarterly, or more frequently.",
4620
4585
  implementationGroup: "IG2",
4621
- assetType: ["users"],
4586
+ assetType: ["Users"],
4622
4587
  securityFunction: ["Identify"],
4623
4588
  governanceElements: [ // Orange - MUST be met
4624
4589
  "Establish and maintain an inventory of service accounts",
@@ -4731,7 +4696,7 @@ export class SafeguardManager {
4731
4696
  title: "Centralize Account Management",
4732
4697
  description: "Centralize account management through a directory or identity service.",
4733
4698
  implementationGroup: "IG2",
4734
- assetType: ["users"],
4699
+ assetType: ["Users"],
4735
4700
  securityFunction: ["Govern"],
4736
4701
  governanceElements: [ // Orange - MUST be met
4737
4702
  "Centralize account management through a directory or identity service"
@@ -4835,7 +4800,7 @@ export class SafeguardManager {
4835
4800
  title: "Establish an Access Granting Process",
4836
4801
  description: "Establish and follow a documented process, preferably automated, for granting access to enterprise assets upon new hire or role change of a user.",
4837
4802
  implementationGroup: "IG1",
4838
- assetType: ["users"],
4803
+ assetType: ["Users"],
4839
4804
  securityFunction: ["Govern"],
4840
4805
  governanceElements: [ // Orange - MUST be met
4841
4806
  "Establish",
@@ -4946,7 +4911,7 @@ export class SafeguardManager {
4946
4911
  title: "Establish an Access Revoking Process",
4947
4912
  description: "Establish and follow a process, preferably automated, for revoking access to enterprise assets, through disabling accounts immediately upon termination, rights revocation, or role change of a user. Disabling accounts, instead of deleting accounts, may be necessary to preserve audit trails.",
4948
4913
  implementationGroup: "IG1",
4949
- assetType: ["users"],
4914
+ assetType: ["Users"],
4950
4915
  securityFunction: ["Govern"],
4951
4916
  governanceElements: [ // Orange - MUST be met
4952
4917
  "Establish",
@@ -5062,7 +5027,7 @@ export class SafeguardManager {
5062
5027
  title: "Require MFA for Externally-Exposed Applications",
5063
5028
  description: "Require all externally-exposed enterprise or third-party applications to enforce MFA, where supported. Enforcing MFA through a directory service or SSO provider is a satisfactory implementation of this Safeguard.",
5064
5029
  implementationGroup: "IG1",
5065
- assetType: ["users"],
5030
+ assetType: ["Users"],
5066
5031
  securityFunction: ["Protect"],
5067
5032
  governanceElements: [ // Orange - MUST be met
5068
5033
  "Require",
@@ -5171,7 +5136,7 @@ export class SafeguardManager {
5171
5136
  title: "Require MFA for Remote Network Access",
5172
5137
  description: "Require MFA for remote network access.",
5173
5138
  implementationGroup: "IG1",
5174
- assetType: ["users"],
5139
+ assetType: ["Users"],
5175
5140
  securityFunction: ["Protect"],
5176
5141
  governanceElements: [ // Orange - MUST be met
5177
5142
  "Require",
@@ -5275,7 +5240,7 @@ export class SafeguardManager {
5275
5240
  title: "Require MFA for Administrative Access",
5276
5241
  description: "Require MFA for all administrative access accounts, where supported, on all enterprise assets, whether managed on-site or through a service provider.",
5277
5242
  implementationGroup: "IG1",
5278
- assetType: ["users"],
5243
+ assetType: ["Users"],
5279
5244
  securityFunction: ["Protect"],
5280
5245
  governanceElements: [ // Orange - MUST be met
5281
5246
  "Require",
@@ -5496,7 +5461,7 @@ export class SafeguardManager {
5496
5461
  title: "Centralize Access Control",
5497
5462
  description: "Centralize access control for all enterprise assets through a directory service or SSO provider, where supported.",
5498
5463
  implementationGroup: "IG2",
5499
- assetType: ["users"],
5464
+ assetType: ["Users"],
5500
5465
  securityFunction: ["Protect"],
5501
5466
  governanceElements: [ // Orange - MUST be met
5502
5467
  "Centralize",
@@ -5608,7 +5573,7 @@ export class SafeguardManager {
5608
5573
  title: "Define and Maintain Role-Based Access Control",
5609
5574
  description: "Define and maintain role-based access control, through determining and documenting the access rights necessary for each role within the enterprise to successfully carry out its assigned duties. Perform access control reviews of enterprise assets to validate that all privileges are authorized, on a recurring schedule at a minimum annually, or more frequently.",
5610
5575
  implementationGroup: "IG3",
5611
- assetType: ["users"],
5576
+ assetType: ["Users"],
5612
5577
  securityFunction: ["Govern"],
5613
5578
  governanceElements: [ // Orange - MUST be met
5614
5579
  "Define",
@@ -5960,7 +5925,7 @@ export class SafeguardManager {
5960
5925
  title: "Perform Automated Operating System Patch Management",
5961
5926
  description: "Perform automated operating system patch management on enterprise assets",
5962
5927
  implementationGroup: "IG1",
5963
- assetType: ["devices"],
5928
+ assetType: ["Devices"],
5964
5929
  securityFunction: ["Protect"],
5965
5930
  governanceElements: [ // Orange - MUST be met
5966
5931
  "perform automated OS patch management",
@@ -6192,7 +6157,7 @@ export class SafeguardManager {
6192
6157
  title: "Perform Automated Vulnerability Scans of Internal Enterprise Assets",
6193
6158
  description: "Perform automated vulnerability scans of internal enterprise assets on a quarterly or more frequent basis",
6194
6159
  implementationGroup: "IG2",
6195
- assetType: ["devices", "Software"],
6160
+ assetType: ["Devices", "Software"],
6196
6161
  securityFunction: ["Detect"],
6197
6162
  governanceElements: [ // Orange - MUST be met
6198
6163
  "perform automated vulnerability scans",
@@ -6308,7 +6273,7 @@ export class SafeguardManager {
6308
6273
  title: "Perform Automated Vulnerability Scans of Externally-Exposed Enterprise Assets",
6309
6274
  description: "Perform automated vulnerability scans of externally-exposed enterprise assets using either an internal or external vulnerability scanning service",
6310
6275
  implementationGroup: "IG2",
6311
- assetType: ["devices", "Software"],
6276
+ assetType: ["Devices", "Software"],
6312
6277
  securityFunction: ["Detect"],
6313
6278
  governanceElements: [ // Orange - MUST be met
6314
6279
  "perform automated vulnerability scans",
@@ -7914,7 +7879,7 @@ export class SafeguardManager {
7914
7879
  title: "Use DNS Filtering Services",
7915
7880
  description: "Use DNS filtering services on all end-user devices, including remote and on-premise assets, to block access to known malicious domains",
7916
7881
  implementationGroup: "IG1",
7917
- assetType: ["devices", "network"],
7882
+ assetType: ["Devices", "network"],
7918
7883
  securityFunction: ["Protect"],
7919
7884
  governanceElements: [ // Orange - MUST be met
7920
7885
  "use DNS filtering services on all end-user devices",
@@ -8590,7 +8555,7 @@ export class SafeguardManager {
8590
8555
  title: "Deploy and Maintain Anti-Malware Software",
8591
8556
  description: "Deploy and maintain anti-malware software on all enterprise assets",
8592
8557
  implementationGroup: "IG1",
8593
- assetType: ["devices"],
8558
+ assetType: ["Devices"],
8594
8559
  securityFunction: ["Detect"],
8595
8560
  governanceElements: [ // Orange - MUST be met
8596
8561
  "deploy anti-malware software",
@@ -8703,7 +8668,7 @@ export class SafeguardManager {
8703
8668
  title: "Configure Automatic Anti-Malware Signature Updates",
8704
8669
  description: "Configure automatic updates for anti-malware signature files on all enterprise assets",
8705
8670
  implementationGroup: "IG1",
8706
- assetType: ["devices"],
8671
+ assetType: ["Devices"],
8707
8672
  securityFunction: ["Protect"],
8708
8673
  governanceElements: [ // Orange - MUST be met
8709
8674
  "configure automatic updates",
@@ -8811,7 +8776,7 @@ export class SafeguardManager {
8811
8776
  title: "Disable Autorun and Autoplay for Removable Media",
8812
8777
  description: "Disable autorun and autoplay auto-execute functionality for removable media",
8813
8778
  implementationGroup: "IG1",
8814
- assetType: ["devices"],
8779
+ assetType: ["Devices"],
8815
8780
  securityFunction: ["Protect"],
8816
8781
  governanceElements: [ // Orange - MUST be met
8817
8782
  "disable autorun functionality",
@@ -8924,7 +8889,7 @@ export class SafeguardManager {
8924
8889
  title: "Configure Automatic Anti-Malware Scanning of Removable Media",
8925
8890
  description: "Configure anti-malware software to automatically scan removable media",
8926
8891
  implementationGroup: "IG2",
8927
- assetType: ["devices"],
8892
+ assetType: ["Devices"],
8928
8893
  securityFunction: ["Detect"],
8929
8894
  governanceElements: [ // Orange - MUST be met
8930
8895
  "configure anti-malware software",
@@ -9036,7 +9001,7 @@ export class SafeguardManager {
9036
9001
  title: "Enable Anti-Exploitation Features",
9037
9002
  description: "Enable anti-exploitation features on enterprise assets and software, where possible, such as Microsoft® Data Execution Prevention (DEP), Windows® Defender Exploit Guard (WDEG), or Apple® System Integrity Protection (SIP) and Gatekeeper™",
9038
9003
  implementationGroup: "IG2",
9039
- assetType: ["devices"],
9004
+ assetType: ["Devices"],
9040
9005
  securityFunction: ["Protect"],
9041
9006
  governanceElements: [ // Orange - MUST be met
9042
9007
  "enable anti-exploitation features",
@@ -9150,7 +9115,7 @@ export class SafeguardManager {
9150
9115
  title: "Centrally Manage Anti-Malware Software",
9151
9116
  description: "Centrally manage anti-malware software",
9152
9117
  implementationGroup: "IG2",
9153
- assetType: ["devices"],
9118
+ assetType: ["Devices"],
9154
9119
  securityFunction: ["Protect"],
9155
9120
  governanceElements: [ // Orange - MUST be met
9156
9121
  "centrally manage anti-malware",
@@ -9260,7 +9225,7 @@ export class SafeguardManager {
9260
9225
  title: "Use Behavior-Based Anti-Malware Software",
9261
9226
  description: "Use behavior-based anti-malware software",
9262
9227
  implementationGroup: "IG2",
9263
- assetType: ["devices"],
9228
+ assetType: ["Devices"],
9264
9229
  securityFunction: ["Detect"],
9265
9230
  governanceElements: [ // Orange - MUST be met
9266
9231
  "use behavior-based anti-malware",
@@ -10636,7 +10601,7 @@ export class SafeguardManager {
10636
10601
  title: "Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise's AAA Infrastructure",
10637
10602
  description: "Require users to authenticate to enterprise-managed VPN and authentication services prior to accessing enterprise resources on end-user devices",
10638
10603
  implementationGroup: "IG2",
10639
- assetType: ["devices"],
10604
+ assetType: ["Devices"],
10640
10605
  securityFunction: ["Protect"],
10641
10606
  governanceElements: [ // Orange - MUST be met
10642
10607
  "require users to authenticate to enterprise-managed VPN",
@@ -10750,7 +10715,7 @@ export class SafeguardManager {
10750
10715
  title: "Establish and Maintain Dedicated Computing Resources for All Administrative Work",
10751
10716
  description: "Establish and maintain dedicated computing resources, either physically or logically separated, for all administrative tasks or tasks requiring administrative access. The computing resources should be segmented from the enterprise's primary network and not be allowed internet access",
10752
10717
  implementationGroup: "IG3",
10753
- assetType: ["devices"],
10718
+ assetType: ["Devices"],
10754
10719
  securityFunction: ["Protect"],
10755
10720
  governanceElements: [ // Orange - MUST be met
10756
10721
  "establish dedicated computing resources for administrative work",
@@ -10866,7 +10831,7 @@ export class SafeguardManager {
10866
10831
  title: "Centralize Security Event Alerting",
10867
10832
  description: "Centralize security event alerting across enterprise assets for log correlation and analysis. Security event alerting includes, at a minimum, active exploitation attempts of enterprise assets",
10868
10833
  implementationGroup: "IG2",
10869
- assetType: ["network", "devices"],
10834
+ assetType: ["network", "Devices"],
10870
10835
  securityFunction: ["Detect"],
10871
10836
  governanceElements: [ // Orange - MUST be met
10872
10837
  "centralize security event alerting across enterprise assets",
@@ -10979,7 +10944,7 @@ export class SafeguardManager {
10979
10944
  title: "Deploy a Host-Based Intrusion Detection Solution",
10980
10945
  description: "Deploy a host-based intrusion detection solution on enterprise assets, where technically feasible",
10981
10946
  implementationGroup: "IG2",
10982
- assetType: ["devices"],
10947
+ assetType: ["Devices"],
10983
10948
  securityFunction: ["Detect"],
10984
10949
  governanceElements: [ // Orange - MUST be met
10985
10950
  "deploy host-based intrusion detection solution",
@@ -11307,7 +11272,7 @@ export class SafeguardManager {
11307
11272
  title: "Manage Access Control for Remote Assets",
11308
11273
  description: "Manage access control for assets remotely connecting to enterprise networks. Determine amount of access to the enterprise network based on: up-to-date anti-malware software, up-to date system patches, up-to-date host-based firewall, and up-to-date host-based intrusion detection or intrusion prevention system",
11309
11274
  implementationGroup: "IG2",
11310
- assetType: ["devices", "network"],
11275
+ assetType: ["Devices", "network"],
11311
11276
  securityFunction: ["Protect"],
11312
11277
  governanceElements: [ // Orange - MUST be met
11313
11278
  "manage access control for assets remotely connecting to enterprise networks",
@@ -11529,7 +11494,7 @@ export class SafeguardManager {
11529
11494
  title: "Deploy a Host-Based Intrusion Prevention Solution",
11530
11495
  description: "Deploy a host-based intrusion prevention solution on enterprise assets, where technically feasible",
11531
11496
  implementationGroup: "IG3",
11532
- assetType: ["devices"],
11497
+ assetType: ["Devices"],
11533
11498
  securityFunction: ["Respond"],
11534
11499
  governanceElements: [ // Orange - MUST be met
11535
11500
  "deploy host-based intrusion prevention solution",
@@ -11966,7 +11931,7 @@ export class SafeguardManager {
11966
11931
  title: "Tune Security Event Alerting Thresholds",
11967
11932
  description: "Tune security event alerting thresholds monthly, or more frequently",
11968
11933
  implementationGroup: "IG3",
11969
- assetType: ["network", "devices"],
11934
+ assetType: ["network", "Devices"],
11970
11935
  securityFunction: ["Detect"],
11971
11936
  governanceElements: [ // Orange - MUST be met
11972
11937
  "tune security event alerting thresholds",
@@ -12074,7 +12039,7 @@ export class SafeguardManager {
12074
12039
  title: "Establish and Maintain a Security Awareness Program",
12075
12040
  description: "Establish and maintain a security awareness program. The purpose of a security awareness program is to educate the enterprise's workforce on how to interact with enterprise assets and data in a secure manner. Conduct training at hire and, at a minimum, annually. Review and update content annually, or when significant enterprise changes occur that could impact this Safeguard",
12076
12041
  implementationGroup: "IG1",
12077
- assetType: ["users"],
12042
+ assetType: ["Users"],
12078
12043
  securityFunction: ["Govern"],
12079
12044
  governanceElements: [ // Orange - MUST be met
12080
12045
  "establish and maintain a security awareness program",
@@ -12190,7 +12155,7 @@ export class SafeguardManager {
12190
12155
  title: "Train Workforce Members to Recognize Social Engineering Attacks",
12191
12156
  description: "Train workforce members to recognize social engineering attacks, such as phishing, business email compromise (BEC), pretexting, and tailgating",
12192
12157
  implementationGroup: "IG1",
12193
- assetType: ["users"],
12158
+ assetType: ["Users"],
12194
12159
  securityFunction: ["Protect"],
12195
12160
  governanceElements: [ // Orange - MUST be met
12196
12161
  "train workforce members to recognize social engineering attacks",
@@ -12303,7 +12268,7 @@ export class SafeguardManager {
12303
12268
  title: "Train Workforce Members on Authentication Best Practices",
12304
12269
  description: "Train workforce members on authentication best practices. Example topics include MFA, password composition, and credential management",
12305
12270
  implementationGroup: "IG1",
12306
- assetType: ["users"],
12271
+ assetType: ["Users"],
12307
12272
  securityFunction: ["Protect"],
12308
12273
  governanceElements: [ // Orange - MUST be met
12309
12274
  "train workforce members on authentication best practices",
@@ -12414,7 +12379,7 @@ export class SafeguardManager {
12414
12379
  title: "Train Workforce on Data Handling Best Practices",
12415
12380
  description: "Train workforce members on how to identify and properly store, transfer, archive, and destroy sensitive data. This also includes training workforce members on clear screen and desk best practices, such as locking their screen when they step away from their enterprise asset, erasing physical and virtual whiteboards at the end of meetings, and storing data and assets securely",
12416
12381
  implementationGroup: "IG1",
12417
- assetType: ["users"],
12382
+ assetType: ["Users"],
12418
12383
  securityFunction: ["Protect"],
12419
12384
  governanceElements: [ // Orange - MUST be met
12420
12385
  "train workforce members on how to identify and properly store, transfer, archive, and destroy sensitive data",
@@ -12533,7 +12498,7 @@ export class SafeguardManager {
12533
12498
  title: "Train Workforce Members on Causes of Unintentional Data Exposure",
12534
12499
  description: "Train workforce members to be aware of causes for unintentional data exposure. Example topics include mis-delivery of sensitive data, losing a portable end-user device, or publishing data to unintended audiences",
12535
12500
  implementationGroup: "IG1",
12536
- assetType: ["users"],
12501
+ assetType: ["Users"],
12537
12502
  securityFunction: ["Protect"],
12538
12503
  governanceElements: [ // Orange - MUST be met
12539
12504
  "train workforce members to be aware of causes for unintentional data exposure",
@@ -12644,7 +12609,7 @@ export class SafeguardManager {
12644
12609
  title: "Train Workforce Members on Recognizing and Reporting Security Incidents",
12645
12610
  description: "Train workforce members to be able to recognize a potential incident and be able to report such an incident",
12646
12611
  implementationGroup: "IG1",
12647
- assetType: ["users"],
12612
+ assetType: ["Users"],
12648
12613
  securityFunction: ["Protect"],
12649
12614
  governanceElements: [ // Orange - MUST be met
12650
12615
  "train workforce members to be able to recognize a potential incident",
@@ -12753,7 +12718,7 @@ export class SafeguardManager {
12753
12718
  title: "Train Workforce on How to Identify and Report if Their Enterprise Assets are Missing Security Updates",
12754
12719
  description: "Train workforce to understand how to verify and report out-of-date software patches or any failures in automated processes and tools. Part of this training should include notifying IT personnel of any failures in automated processes and tools",
12755
12720
  implementationGroup: "IG1",
12756
- assetType: ["users"],
12721
+ assetType: ["Users"],
12757
12722
  securityFunction: ["Protect"],
12758
12723
  governanceElements: [ // Orange - MUST be met
12759
12724
  "train workforce to understand how to verify and report out-of-date software patches",
@@ -12868,7 +12833,7 @@ export class SafeguardManager {
12868
12833
  title: "Train Workforce on the Dangers of Connecting to and Transmitting Enterprise Data Over Insecure Networks",
12869
12834
  description: "Train workforce members on the dangers of connecting to, and transmitting data over, insecure networks for enterprise activities. If the enterprise has remote workers, training must include guidance to ensure that all users securely configure their home network infrastructure",
12870
12835
  implementationGroup: "IG1",
12871
- assetType: ["users"],
12836
+ assetType: ["Users"],
12872
12837
  securityFunction: ["Protect"],
12873
12838
  governanceElements: [ // Orange - MUST be met
12874
12839
  "train workforce members on dangers of connecting to and transmitting data over insecure networks",
@@ -12982,7 +12947,7 @@ export class SafeguardManager {
12982
12947
  title: "Conduct Role-Specific Security Awareness and Skills Training",
12983
12948
  description: "Conduct role-specific security awareness and skills training. Example implementations include secure system administration courses for IT professionals, OWASP Top 10 vulnerability awareness and prevention training for web application developers, and advanced social engineering awareness training for high-profile roles",
12984
12949
  implementationGroup: "IG2",
12985
- assetType: ["users"],
12950
+ assetType: ["Users"],
12986
12951
  securityFunction: ["Protect"],
12987
12952
  governanceElements: [ // Orange - MUST be met
12988
12953
  "conduct role-specific security awareness and skills training",
@@ -13094,7 +13059,7 @@ export class SafeguardManager {
13094
13059
  title: "Establish and Maintain an Inventory of Service Providers",
13095
13060
  description: "Establish and maintain an inventory of service providers. The inventory is to list all known service providers, include classification(s), and designate an enterprise contact for each service provider. Review and update the inventory annually, or when significant enterprise changes occur that could impact this Safeguard",
13096
13061
  implementationGroup: "IG1",
13097
- assetType: ["users"],
13062
+ assetType: ["Users"],
13098
13063
  securityFunction: ["Identify"],
13099
13064
  governanceElements: [ // Orange - MUST be met
13100
13065
  "establish and maintain an inventory of service providers",
@@ -13208,7 +13173,7 @@ export class SafeguardManager {
13208
13173
  title: "Establish and Maintain a Service Provider Management Policy",
13209
13174
  description: "Establish and maintain a service provider management policy. Ensure the policy addresses the classification, inventory, assessment, monitoring, and decommissioning of service providers. Review and update the policy annually, or when significant enterprise changes occur that could impact this Safeguard",
13210
13175
  implementationGroup: "IG2",
13211
- assetType: ["users"],
13176
+ assetType: ["Users"],
13212
13177
  securityFunction: ["Govern"],
13213
13178
  governanceElements: [ // Orange - MUST be met
13214
13179
  "establish and maintain a service provider management policy",
@@ -13327,7 +13292,7 @@ export class SafeguardManager {
13327
13292
  title: "Classify Service Providers",
13328
13293
  description: "Classify service providers. Classification consideration may include one or more characteristics, such as data sensitivity, data volume, availability requirements, applicable regulations, inherent risk, and mitigated risk. Update and review classifications annually, or when significant enterprise changes occur that could impact this Safeguard",
13329
13294
  implementationGroup: "IG2",
13330
- assetType: ["users"],
13295
+ assetType: ["Users"],
13331
13296
  securityFunction: ["Govern"],
13332
13297
  governanceElements: [ // Orange - MUST be met
13333
13298
  "classify service providers",
@@ -13444,7 +13409,7 @@ export class SafeguardManager {
13444
13409
  title: "Ensure Service Provider Contracts Include Security Requirements",
13445
13410
  description: "Ensure service provider contracts include security requirements. Example requirements may include minimum security program requirements, security incident and/or data breach notification and response, data encryption requirements, and data disposal commitments. These security requirements must be consistent with the enterprise's service provider management policy. Review service provider contracts annually to ensure contracts are not missing security requirements",
13446
13411
  implementationGroup: "IG2",
13447
- assetType: ["users"],
13412
+ assetType: ["Users"],
13448
13413
  securityFunction: ["Govern"],
13449
13414
  governanceElements: [ // Orange - MUST be met
13450
13415
  "ensure service provider contracts include security requirements",
@@ -13560,7 +13525,7 @@ export class SafeguardManager {
13560
13525
  title: "Assess Service Providers",
13561
13526
  description: "Assess service providers consistent with the enterprise's service provider management policy. Assessment scope may vary based on classification(s), and may include review of standardized assessment reports, such as Service Organization Control 2 (SOC 2) and Payment Card Industry (PCI) Attestation of Compliance (AoC), customized questionnaires, or other appropriately rigorous processes. Reassess service providers annually, at a minimum, or with new and renewed contracts",
13562
13527
  implementationGroup: "IG3",
13563
- assetType: ["users"],
13528
+ assetType: ["Users"],
13564
13529
  securityFunction: ["Govern"],
13565
13530
  governanceElements: [ // Orange - MUST be met
13566
13531
  "assess service providers consistent with enterprise's service provider management policy",
@@ -14799,7 +14764,7 @@ export class SafeguardManager {
14799
14764
  title: "Train Developers in Application Security Concepts and Secure Coding",
14800
14765
  description: "Ensure that all software development personnel receive training in writing secure code for their specific development environment and responsibilities. Training can include general security principles and application security standard practices. Conduct training at least annually and design in a way to promote security within the development team, and build a culture of security among the developers",
14801
14766
  implementationGroup: "IG2",
14802
- assetType: ["users"],
14767
+ assetType: ["Users"],
14803
14768
  securityFunction: ["Protect"],
14804
14769
  governanceElements: [ // Orange - MUST be met
14805
14770
  "ensure that all software development personnel receive training in writing secure code",
@@ -15479,7 +15444,7 @@ export class SafeguardManager {
15479
15444
  title: "Designate Personnel to Manage Incident Handling",
15480
15445
  description: "Designate one key person, and at least one backup, who will manage the enterprise's incident handling process. Management personnel are responsible for the coordination and documentation of incident response and recovery efforts and can consist of employees internal to the enterprise, service providers, or a hybrid approach. If using a service provider, designate at least one person internal to the enterprise to oversee any third-party work. Review annually, or when significant enterprise changes occur that could impact this Safeguard",
15481
15446
  implementationGroup: "IG1",
15482
- assetType: ["users"],
15447
+ assetType: ["Users"],
15483
15448
  securityFunction: ["Respond"],
15484
15449
  governanceElements: [ // Orange - MUST be met
15485
15450
  "designate one key person and at least one backup who will manage the enterprise's incident handling process",
@@ -15591,7 +15556,7 @@ export class SafeguardManager {
15591
15556
  title: "Establish and Maintain Contact Information for Reporting Security Incidents",
15592
15557
  description: "Establish and maintain contact information for reporting security incidents. This information must be available to all workforce members and should include various contact methods (e.g., phone, email) and be regularly updated. Consider the availability of these contact methods in different circumstances, such as when primary communication systems are compromised",
15593
15558
  implementationGroup: "IG1",
15594
- assetType: ["users"],
15559
+ assetType: ["Users"],
15595
15560
  securityFunction: ["Respond"],
15596
15561
  governanceElements: [ // Orange - MUST be met
15597
15562
  "establish and maintain contact information for reporting security incidents",
@@ -15701,7 +15666,7 @@ export class SafeguardManager {
15701
15666
  title: "Establish and Maintain an Enterprise Process for Reporting Incidents",
15702
15667
  description: "Establish and maintain an documented enterprise process for the workforce to report security incidents. The process includes reporting timeframe, personnel to report to, mechanism for reporting, and the minimum information to be reported. Ensure the process is publicly available to all of the workforce. Review annually, or when significant enterprise changes occur that could impact this Safeguard",
15703
15668
  implementationGroup: "IG1",
15704
- assetType: ["users"],
15669
+ assetType: ["Users"],
15705
15670
  securityFunction: ["Govern"],
15706
15671
  governanceElements: [ // Orange - MUST be met
15707
15672
  "establish and maintain a documented enterprise process for the workforce to report security incidents",
@@ -15813,7 +15778,7 @@ export class SafeguardManager {
15813
15778
  title: "Establish and Maintain an Incident Response Process",
15814
15779
  description: "Establish and maintain a documented incident response process that addresses roles and responsibilities, compliance requirements, and a communication plan. Review annually, or when significant enterprise changes occur that could impact this Safeguard",
15815
15780
  implementationGroup: "IG2",
15816
- assetType: ["users"],
15781
+ assetType: ["Users"],
15817
15782
  securityFunction: ["Govern"],
15818
15783
  governanceElements: [ // Orange - MUST be met
15819
15784
  "establish and maintain a documented incident response process",
@@ -15922,7 +15887,7 @@ export class SafeguardManager {
15922
15887
  title: "Assign Key Roles and Responsibilities",
15923
15888
  description: "Assign key roles and responsibilities for incident response, including staff from legal, IT, information security, facilities, public relations, human resources, incident responders, and analysts. Review annually, or when significant enterprise changes occur that could impact this Safeguard",
15924
15889
  implementationGroup: "IG2",
15925
- assetType: ["users"],
15890
+ assetType: ["Users"],
15926
15891
  securityFunction: ["Respond"],
15927
15892
  governanceElements: [ // Orange - MUST be met
15928
15893
  "assign key roles and responsibilities for incident response",
@@ -16034,7 +15999,7 @@ export class SafeguardManager {
16034
15999
  title: "Define Mechanisms for Communicating During Incident Response",
16035
16000
  description: "Determine which primary and secondary mechanisms will be used to communicate and report during a security incident. Mechanisms can include phone calls, emails, secure chat or notification letters. Keep in mind that certain mechanisms, such as emails, can be affected during a security incident. Review annually, or when significant enterprise changes occur that could impact this Safeguard",
16036
16001
  implementationGroup: "IG2",
16037
- assetType: ["users"],
16002
+ assetType: ["Users"],
16038
16003
  securityFunction: ["Respond"],
16039
16004
  governanceElements: [ // Orange - MUST be met
16040
16005
  "determine which primary and secondary mechanisms will be used to communicate and report during a security incident",
@@ -16145,7 +16110,7 @@ export class SafeguardManager {
16145
16110
  title: "Conduct Routine Incident Response Exercises",
16146
16111
  description: "Plan and conduct routine incident response exercises and scenarios for key personnel involved in the incident response process to prepare for responding to real-world incidents. Exercises need to test communication channels, decision-making, and workflows. Conduct testing on an annual basis, at a minimum",
16147
16112
  implementationGroup: "IG2",
16148
- assetType: ["users"],
16113
+ assetType: ["Users"],
16149
16114
  securityFunction: ["Recover"],
16150
16115
  governanceElements: [ // Orange - MUST be met
16151
16116
  "plan and conduct routine incident response exercises and scenarios for key personnel involved in the incident response process",
@@ -16256,7 +16221,7 @@ export class SafeguardManager {
16256
16221
  title: "Conduct Post-Incident Reviews",
16257
16222
  description: "Conduct post-incident reviews. Post-incident reviews help prevent incident recurrence through identifying lessons learned and follow-up action",
16258
16223
  implementationGroup: "IG2",
16259
- assetType: ["users"],
16224
+ assetType: ["Users"],
16260
16225
  securityFunction: ["Recover"],
16261
16226
  governanceElements: [ // Orange - MUST be met
16262
16227
  "conduct post-incident reviews"
@@ -16363,7 +16328,7 @@ export class SafeguardManager {
16363
16328
  title: "Establish and Maintain Security Incident Thresholds",
16364
16329
  description: "Establish and maintain security incident thresholds, including, at a minimum, differentiating between an incident and an event. Examples can include: abnormal activity, security vulnerability, security weakness, data breach, privacy incident, etc. Review annually, or when significant enterprise changes occur that could impact this Safeguard",
16365
16330
  implementationGroup: "IG3",
16366
- assetType: ["users"],
16331
+ assetType: ["Users"],
16367
16332
  securityFunction: ["Recover"],
16368
16333
  governanceElements: [ // Orange - MUST be met
16369
16334
  "establish and maintain security incident thresholds",