After going through all of the considerations provided by Zimmerman the bottom-line conclusion must be that: if an ISAC or IASO is going to run it’s own SOC, it must meet professional standards (2014). The following deck stack provides the c-Community with a summary of the performance standards that could be used for evaluation. It also walks the user through how to systematically evaluate the various types of documentation methods for tracking incidents.
________________________________
Reference:
Zimmerman, C. (2014). Ten Strategies of a World-Class Cybersecurity Operations Center. The Mitre Corporation.