They have a SIEM tool; idk why they would have deleted it, but I guess they will be able to tell based on the lack of data. Also, the government requires you to keep logs for two years and store them in an off location. Not sure why they would not have logs when that is part of RMF requirements and someone would have to identify the risks and sign off accepting it.
They have to do a yearly audit, I believe. At the end of the day, whoever signs off on it is held responsible. From my understanding, they submit these packages in a portal. Also, there are owners, and when risks come up they have to submit a memo identifying impact. So who is the ISSM for this government program/contract? Basically, they could go to jail. That's how I understand the government Risk Management Framework.