Discuss organizational requirements and constraints. Review and compose a list of questions like ones provided below with respect to this area of an IDPS to ask.
• What requirements are levied from outside the organization?
• Is your organization subject to oversight or review by another organization?
• Are there requirements for public access to information on your organization’s systems?
• Are there other security-specific requirements levied by law?
• Are there internal audit requirements for security best practices or due diligence?
• Is the system subject to accreditation?
• Are there requirements for law enforcement investigation and resolution of security incidents?
• What are your organization’s resource constraints?
• What is the budget for acquisition and life cycle support of intrusion detection hardware, software, and infrastructure?
• Is there sufficient existing staff to monitor an IDPS full time?
• Does your organization have authority to instigate changes based on the findings of an IDPS?