I am looking for a freelancer to label / classify statements to a particular regulatory guideline (NYDFS PART 500). And check if addresses all the questions in the regulatory guideline section. This guideline has 16 sections. I have created a document which describes each section and has questions associated to each section in the guideline.
There are a total of 300 statements that need to be labeled
Statement : For security devices, audit trails (logs) are enabled, retained, and adequately designed to perform forensics on cybersecurity [login to view URL] of these audit trails (logs) is performed on an ongoing basis through the SIEM tool.
You will read the summary and description from the document that I have created for NYDFS part 500. And assess which sections does the statement match.
This statement maps to "Section 500.06"
Next you will check if it answers all the questions in section 500.06. There are 2 questions associated to section 500.06 in the document.
Question 1: Are audit trails maintained and designed to detect and respond to cybersecurity events?
Question 2 : Are processes to retain the logs in place?
It answers both the questions
You will document all this in an excel sheet.