SI-05-727 Security Alerts, Advisories, and Directives

Security Alerts, Advisories, and Directives

Control ID

SI-05-727

Control Name

Security Alerts, Advisories, and Directives

Control Category

System and Information Integrity

Functional Areas

Protect

Sub-Areas

System Communications Protection

NIST Baseline Level(s)

LOW, MOD, HIGH

NIST Priority

State Implementation Required

Yes

Agency Last Implemented Date

May 20, 2016

Agency Implementation

The Agency receives information security advisories from the Texas A&M University System ("TAMUS") Security Operations Center, Texas Department of Information Resources (TxDIR), Multistate Information Sharing and Analysis Center (MS-ISAC), and United States Computer Emergency Repsonse Team (US-CERT). The chief information security officer issues security directives to information resources owners, custodians and users when intelligence indicates an information security alert or advisory may have a negative impact on Agency information resource operations.

Risk Statement

Contacts with special interest groups or other specialists security forums and professional associations is not coordinated or performed as a result of ill-defined processes.

Control Description

The organization: a. Receives information system security alerts, advisories, and directives from [Assignment: organization-defined external organizations] on an ongoing basis; b. Generates internal security alerts, advisories, and directives as deemed necessary; c. Disseminates security alerts, advisories, and directives to: [Selection (one or more): [Assignment: organization-defined personnel or roles]; [Assignment: organization-defined elements within the organization]; [Assignment: organization-defined external organizations]]; and d. Implements security directives in accordance with established time frames, or notifies the issuing organization of the degree of noncompliance.

Control Example

The organization periodically submits security directives to personnel for dissemination as appropriate.

State Implementation

The state organization receives information system security alerts/advisories on a regular basis, issues alerts/advisories to appropriate personnel, and takes appropriate actions in response.

Testing Procedures

Obtain system and information integrity policy; procedures addressing security alerts and advisories; NIST Special Publication 800-40; records of security alerts and advisories; other relevant documents or records and ascertain if: (I)the organization receives information system security alerts/advisories on a regular basis. (ii)the organization issues security alerts/advisories to appropriate organizational personnel. (iii)the organization takes appropriate actions in response to security alerts/advisories. (iv)the organization maintains contact with special interest groups (e.g., information security forums) that: -facilitate sharing of security-related information (e.g., threats, vulnerabilities, and latest security technologies). -provide access to advice from security professionals. -improve knowledge of security best practices.