One of the most common pain points across organizations is the amount of data generated across the company, sometimes including redundant data (different perspectives for the same threat or gap). All this data needs to be transformed into useful information that business asset owners can use to prioritize, strategize, and manage the risk portfolio they own.
This section manages the extraction, transformation, cleansing, and loading of information into a common data model either for analytical or operational goals.
Typical Extract, Transform, and Load (ETL) data normalization, data mining, balance scorecard, among other capabilities will reside here.
This domain was created looking to simplify all these sources of data by having a data management approach. All data containers are allocated on this domain, where eventually they can be extracted, transformed, and loaded into the following:
- Operational data store. All day-to-day and transactional information will be allocated here, using a 360 degrees perspective around information assets (i.e. application and infrastructure vulnerabilities, patching gaps, penetration test results, audit findings, and controls per asset).
- Data Warehouse. All historical transactions will be used to develop a data warehouse or data mart that can measure the success obtained with the risk management program. Also this model can be used to identify behavior patterns, trends, tendencies, and systemic gaps across the organization.
When an administrator creates a user account, the ID and Password are stored in a user directory. When that user logs into the system, a log entry that shows the date and time of that log in is stored in the security-monitoring database.
Relationships to Other Domains
The Information Services domain provides contextual support for Application and Presentation service domains. The Information Technology Operations and Support domain governs the Application Service change and deployment process other domains are required to periodically implement. The Business Operations Support Services domain governs security monitoring for information service applications. The BOSS domain then monitors the activities being performed by applications for any unusual behavior.
|Configuration Rules (Metadata)|
|Configuration Management Database (CMDB)|
|Problem Manage- ment||Incident Manage- ment||CMDB|
|Knowledge Manage- ment||Service Manage- ment||Change Manage- ment|