DE.AE-06.302

Does your organization have a documented process for manually creating and assigning tickets in your ticketing system when technical staff discover potential security incidents or indicators of compromise?

Explanation

This question assesses whether your organization has formalized the process of tracking and responding to potential security incidents through your ticketing system. When technical staff discover suspicious activities or indicators of compromise, having a standardized process ensures these observations are properly documented, assigned to appropriate personnel, and tracked to resolution rather than being overlooked or handled inconsistently. Evidence could include a documented procedure for security incident ticketing, screenshots of ticket templates specifically designed for security incidents, or examples of redacted security incident tickets showing the workflow from creation to resolution.

Implementation Example

Manually create and assign tickets in the organization's ticketing system when technical staff discover indicators of compromise

ID: DE.AE-06.302

Context

Function: DE: DETECT
Category: DE.AE: Adverse Event Analysis
Sub-Category: Information on adverse events is provided to authorized staff and tools

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub