CMMC Practice IR.2.093: Detect and report events.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
Detect events on your network. An event is any observable occurrence on the network. You can detect events several ways, including through:
- observations of breakdowns in processes or loss in productivity;
- observations such as alarms and alerts, notification from other organizations; and
- the results of audits or assessments.
After you detect an event, determine if it will affect organizational assets and/or has the potential to disrupt operations. This may require the start of the incident process.