Domain Owner: Chief Information Security Officer (CISO)

Frameworks: NIST CSF 2.0 · ISO 27001:2022 · CIS Controls v8

The Cyber Security domain defines the policies, controls, and operational practices that protect the organisation's information assets, infrastructure, and data. It spans identity and access management, threat detection, vulnerability management, and incident response.

Security is a shared responsibility — every engineer, architect, and operator has a role in maintaining the organisation's security posture.

| Page | Description |
|---|---|
| Security Framework | NIST CSF 2.0 mapping, control families, maturity levels |
| Identity & Access Management | Entra ID, IAM governance, Privileged Access, MFA |
| Threat Detection & Response | SIEM (Sentinel), SOC operations, EDR, alerts |
| Incident Response | IR plan, severity classification, response playbooks |
| Vulnerability Management | Scanning, CVSS triage, patching SLAs |

| Domain | Maturity Level | Target | Status |
|---|---|---|---|
| Identity & Access | 4 — Managed | 4 | ✅ On track |
| Network Security | 3 — Defined | 4 | 🟡 In progress |
| Endpoint Security | 4 — Managed | 4 | ✅ On track |
| Data Protection | 3 — Defined | 4 | 🟡 In progress |
| Threat Detection | 3 — Defined | 4 | 🟡 SIEM upgrade |
| Incident Response | 3 — Defined | 3 | ✅ On track |
| Vulnerability Mgmt | 3 — Defined | 4 | 🟡 In progress |

Maturity scale: 1 = Initial, 2 = Developing, 3 = Defined, 4 = Managed, 5 = Optimising

| Role | Name | Contact |
|---|---|---|
| CISO | (see org chart) | #ciso-office |
| Security Architecture Lead | (see org chart) | #arch-security |
| SOC Manager | (see org chart) | #soc-team |
| Security Incident Hotline | — | security@company.com |
| 24/7 Incident Escalation | — | +44 XXX XXX XXXX |

| Framework | Status | Next Audit |
|---|---|---|
| ISO 27001:2022 | ✅ Certified | October 2026 |
| PCI DSS v4.0 | ✅ Compliant (QSA assessed) | March 2027 |
| SOC 2 Type II | ✅ Completed | September 2026 |
| Cyber Essentials Plus | ✅ Certified | July 2026 |