Component Name
Objective
Describe the role of this component within the security lifecycle.
Security Role
Explain how this component contributes to:
- Risk mitigation
- Control enforcement
- Detection capability
- Recovery or resilience
Related Risks
List relevant Risk IDs from the risk register.
Related Controls
List associated Control IDs from the control framework.
Architecture Position
Describe where this component sits in the overall architecture and which trust boundary it belongs to.
Configuration Overview
Summarize key configuration principles:
- Access restrictions
- Hardening measures
- Network exposure level
- Authentication model
Avoid listing every command — focus on security decisions.
Logging & Monitoring
- What events are generated?
- Where are logs sent?
- Are alerts configured?
Known Limitations
Document current weaknesses or incomplete configurations.
Recording these openly is important for credibility.
Future Improvements
Planned enhancements or controls to strengthen this component.