Benchmark: CC4.1.5
Description
Entity's Senior Management reviews and approves the state of the Information Security program including policies, standards and procedures, at planned intervals or if significant changes occur to ensure their continuing suitability, adequacy and effectiveness.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-gcp-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select CC4.1.5.
Run this benchmark in your terminal:
powerpipe benchmark run gcp_compliance.benchmark.soc_2_2017_cc_4_1_5
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run gcp_compliance.benchmark.soc_2_2017_cc_4_1_5 --share
Controls
- Ensure that Cloud Audit Logging is configured properly across all services and all users from a project
- Ensure that Cloud DNS logging is enabled for all VPC networks