+Security Management
---+Architectural and Network Security
------+Network Design and Segmentation
------+Network Security
------+Session Management
---+Security Monitoring & Log Management
------+Security Monitoring (SIEM)
------+Event Identification for Logging
------+Secure Handling of Log Data
---+Data and (Legacy) System Security
------+ICT (Security) Systems, tools, and solutions
------+Data Protection Practices
------+Vendor Recommended Security Settings
------+Endpoint Devices
------+Secure Data Deletion and Disposal
---+Encryption and Cryptography
------+Data Encryption
------+Cryptographic Key Management and Lifecycle
---+Identity and Access Management
------+Authentication Methods
------+Identity Management
------+Privilige Access Management
------+Account Management
---+Physical and Environmental Security
------+Physical and Environmental Security
---+Security Awareness
------+Resilience Training Programs
------+Inclusion of Third-Party Providers
---+Vulnerability and Patch Management
------+Resource Management
------+Vulnerability Management
------+Patch Management

1. Übersicht

Security Management

None

Bezeichnung	Standard
Architectural and Network Security	None
Security Monitoring & Log Management	None
Data and (Legacy) System Security	None
Encryption and Cryptography	None
Identity and Access Management	None
Physical and Environmental Security	None
Security Awareness	None
Vulnerability and Patch Management	None

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen
Source	Anforderung

3. Related Regulations

Regulations
Source	Regulierung

NOREA -
Copyright by NOREA, de beroepsorganisatie van IT-auditors

DORA in Control Framework

Impressum Deutsch Englisch