SI-4: System Monitoring
NIST Baseline: Low
DIR Required By: 07/20/2023
TAMUS Required By: 08/01/2022
Review Date: 08/22/2024
- The Tarleton State University (Tarleton) Chief Information Security Officer (CISO) or their designee is responsible for implementing information security monitoring. The Tarleton Office of Innovative Technology Solutions (OITS) Security Team assists the CISO with network security monitoring and any other security monitoring needed across Tarleton information resources must be coordinated through the OITS – Security Team and CISO, as needed.
- High and Moderate Impact information resources must be monitored to detect:
- Attacks and indicators of potential attacks;
- Unauthorized local, network, and remote connections;
- Unauthorized access or use;
- Attempts to deny service or degrade the performance; and
- Automated tools should be used where deemed beneficial.
- Low Impact information resources can enable operating system logging features and other security monitoring features when necessary.
- Logs and other data generated by security monitoring should be reviewed and analyzed periodically based on risk management decisions by the system administrator in coordination with the CISO and OITS Security Team.
- Any significant security issues discovered and/or signs of unauthorized activity will be reported following Control IR-6, Incident Reporting.