SOC Maturity level By AmiBiro Posted on October 14, 2018May 4, 2020 Category : Welcome to your SOC Maturity Email Do you have a training program in place? YES - for TIER1 NO YES - for all roles in the SOCIs skill assessment regularly updated with new skills? NO Which assessment? YESIs the SOC charter document approved by the business / CISO? NO On-Going YES OtherDo you have a satisfactory physical SOC location? YES- but is very small YES NODo you have service level agreements with these customers? YES YES but not published yet NO On-GoingDo you formally differentiate roles within the SOC? NO YESHave you identified the main business drivers? NO PARTIAL YES FULLIs there a SOC management process in place? YES - fully implemented NO YES - but not fullyDo you use documented workflows? YES NODo you perform regular teambuilding exercises? YES - every month YES - every year NODo you use external employees /contractors in your SOC? Internal full time employees External employees ContractorsDo you have a formally described shift turnover procedure? NO YES - partly YES - fully implementedDo you have a career progression process in place? NO YESDoes the SOC have a formal charter document in place? On-Going NO YES NOT FullyDo you have regular workshops for knowledge development? YES - 3 times in a year YES - once in a year NOHave you identified the SOC customers? ON-GOING NO YES but not fully YESWhich of the following roles are present in your SOC? SOC Manager Incident Handler Penetration Tester Security Analyst Team Leader Security Specialist Incident Manager Threat Analyst Security Architect Security EngineerIs there a reserved budget for education and training? NO YESIs there a governance process in place? YES NO YES-Fully implemented Yes - not implemented yetDo you measure employee satisfaction for improving the SOC? NO YES Working on atTime is Up!
