Log Aggregation, Risk and Control Monitoring, and Reporting

This is the last chapter of Domain 3: Risk Response and Reporting and is divided into two parts. In the first part, we will look at the different sources for collecting logs, tools, and best practices to aggregate them, and how to analyze those logs. In the second part, we will look at risk and control monitoring, different control assessments, risk and control reporting methods, different key indicators for an executive summary, and the appropriate audience for each.

The aim of this chapter is to learn about the different methods of log sources, aggregation, and analysis. We will also learn about risk and control monitoring, reporting, and how to present reports effectively.

In ...

Get ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.