Regulations require the ability to escalate and alert when a compliance breach occurs or when an event is not being processed in a timely manner. For example, the Federal Information Security Management Act (FISMA), requires that each federal agency develop, document and implement agency-wide information security programs which includes the process for reporting and escalating security incidents.
ControlCase Incident Manager delivers the most comprehensive incident management system available. It centralizes the reporting, tracking and resolution of incidents in an easy-to-use, Web-based format. It allows organizations to stay in front of incidents that, if left unattended, could cause serious consequences. ControlCase Incident Manager enables
secure reporting, as mandated in FISMA, to US-CERT through PGP encryption.
ControlCase Incident Manager tracks the lifecycle of an event using four phases:
Events: Receive events through email, web based interface or connect to third party system using interfaces.
Incidents: Classify appropriate events as incidents and assign them to investigators.
Response: Provide centralized view for incident handling and evidence chain of custody.
Reporting: Report to third parties such as FBI and CSIRT, internal parties for SLA's and total incident cost.
During each phase of the lifecycle, access controls strictly govern a users' ability to access data. In addition, all entries are logged and the evidence chain of custody ensures that evidence is accounted for through each step of the investigation.