Evidence Description
Monthly review record documenting relevant threats, advisories, indicators, affected assets, and follow-up actions.
What This Evidence Proves
This proves that threat intelligence is not only collected but reviewed and converted into operational action.
Related Controls
Related Risks
Source System
Security Operations Process
Collection Method
Manual monthly review, ticket export, or report attachment.
Review Process
Reviewed by the Security Operations Lead every month.
Audit Notes
The evidence is not audit-ready until the review record includes date, reviewer, intelligence source, decision, and action taken.
- Evidence
- Audit
- Threat intelligence
Note Metadata
Aliases: EVID-0001
Source: 07-Evidence-Library/EVID-0001-Monthly-Threat-Intelligence-Review.md
Graph-sourced resources
Templates and evidence
Risk treatment artifacts
Risk records, mappings, and treatment-supporting references.