Conformance of the organisation’s systems and networks to the cybersecurity architecture is evaluated periodically and according to defined triggers, such as system changes and external events
Context and Guidance: The cybersecurity architecture is treated as a resource that helps maintain an organisation’s security posture. Periodic evaluations of conformance to the cybersecurity architecture are a risk-reduction technique. For example, a proposed repurposing or virtualisation of a server is a design decision that should be assessed for its effect on the architecture. Evaluations should include devices that may increase cyber risk to the function, such as mobile assets, personal computing and networking equipment used for remote connectivity, field devices, VoIP, badging and other physical access systems, and digital signage. Advanced cybersecurity techniques such as threat hunting and active defense may aid in identifying non-conforming systems or networks.
Related Practices
• Input From: Implementing ARCHITECTURE-1c provides input that may be useful for implementing this practice.