This document was retired in July 2021

This Guide demonstrates how the provision of an effective framework of Protective Monitoring of HMG ICT systems is an essential contribution to the treatment of information security risks.

Protective Monitoring is a set of business processes and contains essential support technology in monitoring and provide risk treatment to how ICT systems are used and to ensure accountability to the systems. This includes facilities of audit trails, audit logs and raising alerts.

However if these processes are not implemented or monitored it would be easy for the abuse of such ICT systems, the information that it possesses by users who wish to misuse the system and information.

The confidentiality, integrity and availability of public sector ICT systems are of upmost importance. This guide shows us how important implementing an effective protective monitoring process for the treatment of information security risks. Other factors must be considered with this, such as the necessary supporting infrastructure, manpower resource, skilled expertise and IA.

The aim of this guide is to provide advice on good practise to adhering to the protective monitoring obligations, the information that needs to be recorded and audited, events generated and alerted generated in response to potential misuse and abuse of the ICT systems as well as anticipated modes of attack.

Intended readers are for all Information Assurance (IA) practitioners.