Having standards for security configurations and performance is useless without the ability to detect deviations from those standards. This control requires all critical systems to be monitored to ensure those systems are configured and performing the way we intend. If this monitoring identifies a security incident, this control also requires us to manage that incident fully until it is marked as resolved. To test this control, review relevant issues in the Security Operations issue tracker. This testing is sufficient because it shows security incidents are being reported on, acknowledged, handled, and closed appropriately by authorized team members.