Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Operational Best Practices for FFIEC. Closes #418 #420

Merged
merged 18 commits into from
Jun 30, 2022
Merged

Add Operational Best Practices for FFIEC. Closes #418 #420

merged 18 commits into from
Jun 30, 2022

Conversation

vkumbha
Copy link
Contributor

@vkumbha vkumbha commented Jun 22, 2022
edited
Loading

Checklist

  • Issue(s) linked

@vkumbha vkumbha self-assigned this Jun 22, 2022
@vkumbha vkumbha linked an issue Jun 22, 2022 that may be closed by this pull request
Add Operational Best Practices for FFIEC #418
Closed
cbruno10
cbruno10 requested changes Jun 27, 2022
View reviewed changes
Copy link
Contributor

@cbruno10 cbruno10 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vkumbha Please see review comments, thanks!

ffiec/d_1/d_1.sp Outdated Show resolved Hide resolved
ffiec/d_1/d_1.sp Outdated Show resolved Hide resolved
@rajlearner17 rajlearner17 changed the base branch from main to release/v0.37 June 29, 2022 08:41
rajlearner17
rajlearner17 reviewed Jun 29, 2022
View reviewed changes
ffiec/ffiec.sp Outdated Show resolved Hide resolved
misraved
misraved reviewed Jun 29, 2022
View reviewed changes
Copy link
Contributor

@misraved misraved left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The controls listed under benchmarks need to be sorted. I have provided comments in a few benchmarks, please verify this across all the other benchmarks.

ffiec/d_1/d_1.sp Outdated Show resolved Hide resolved
ffiec/d_1/d_1_rm.sp Outdated Show resolved Hide resolved
ffiec/d_1/d_1_rm.sp Outdated
}

benchmark "ffiec_d_1_rm_rm_b_1" {
title = "D1.RM.Rm.B.1"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should use the titles as per the official documentation. We could change them once - awsdocs/aws-config-developer-guide#21 is resolved

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will keep an eye on the AWS issue and see if there is a logical explanation for the deviation in the Control ID. However, for the time being, going with the Control Id what I think is right based on the FFIEC document available at https://www.ffiec.gov/cyberassessmenttool.htm.

ffiec/d_2/d_2_ma.sp Outdated Show resolved Hide resolved
ffiec/d_2/d_2_ma.sp Outdated Show resolved Hide resolved
ffiec/d_2/d_2_ti.sp Outdated Show resolved Hide resolved
query/backup/backup_recovery_point_min_retention_35_days.sql Outdated Show resolved Hide resolved
@misraved
Copy link
Contributor

Please make changes wherever required 👍

@misraved misraved merged commit f0095c5 into release/v0.37 Jun 30, 2022
@misraved misraved deleted the 418-add-operational-best-practices-for-ffiec branch June 30, 2022 05:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rajlearner17 rajlearner17 rajlearner17 left review comments

@cbruno10 cbruno10 cbruno10 requested changes

@misraved misraved misraved approved these changes

@khushboo9024 khushboo9024 Awaiting requested review from khushboo9024

Assignees

@vkumbha vkumbha

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add Operational Best Practices for FFIEC
4 participants
@vkumbha @misraved @cbruno10 @rajlearner17