SOC 2 · CC7 System Operations
CC7.2 Security event monitoring
The entity monitors system components for anomalies indicative of malicious acts, natural disasters and errors.
Mapped across 11 provisions
Equivalent and related requirements in other frameworks and regulations.
- CIS Controls v8EquivalentCurated8.1 Establish and maintain an audit log management process
Logging, monitoring & detection
- DORAPartialCuratedArt. 10 Detection
Logging, monitoring & detection
- GLBAEquivalentCurated§314.4(c)(8) Monitoring and logging of authorized user activity
Logging, monitoring & detection
- HIPAAEquivalentCurated§164.312(b) Audit controls
Logging, monitoring & detection
- ISO 27001EquivalentCuratedA.8.16 Monitoring activities
Logging, monitoring & detection
- ISO 27001EquivalentCuratedA.8.15 Logging
Logging, monitoring & detection
- NIST 800-171EquivalentCurated3.3.1 Create and retain audit logs
Logging, monitoring & detection
- NIST 800-53EquivalentCuratedAU-2 Event logging
Logging, monitoring & detection
- NIST CSF 2.0EquivalentCuratedDE.CM-01 Networks and services monitored
Logging, monitoring & detection
- NIST CSF 2.0EquivalentCuratedPR.PS-04 Log records generated for monitoring
Logging, monitoring & detection
- PCI DSSEquivalentCuratedReq. 10 Log and monitor all access to system components and cardholder data
Logging, monitoring & detection