graphgrc

SCF - THR-02 - Indicators of Exposure (IOE)

Mechanisms exist to develop Indicators of Exposure (IOE) to understand the potential attack vectors that attackers could use to attack the organization.

Mapped framework controls

ISO 27002

• A.5.7

SOC 2

• CC3.3

Control questions

Does the organization develop Indicators of Exposure (IOE) to understand the potential attack vectors that attackers could use to attack the organization?

This site is open source. Improve this page.