Commit b576cc41 authored by Santeri Toikka

Added writing instructions requirements

parent 4ea2c843
+13 −0
@@ -535,10 +535,23 @@ https://www.skyflow.com/post/how-to-keep-sensitive-data-out-of-your-logs-nine-be

### 5.2.1 Mitigations for user identity integrity

This section shall have:
- How the system users identities should be maintained
- How the least amount of privileges principles are enforced to user groups

### 5.2.2 Mitigations for ingested data integrity

This section shall have:
- How the SIEM shall verify the authensity and integrity of the incoming data
- What is expected to happen, if discrepencies are found

### 5.2.3 Mitigations of event collection infrastructure

This section shall have:
- How the SIEM deploys an updated collector or API client software to the managed device?
- How the SIEM shall monitor changes in the connectivity
- How the managed device inventory should be correlated to the existing collection sources

# Annex A (informative): Mapping between the present document and CRA requirements

> Table mapping technical security requirements from Section 5 of the present document to essential cybersecurity requirements in Annex I of the CRA. The purpose of this is to help identify missing technical security requirements.
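Review bot: the writing instructions under 5.2.2 contain two misspellings that will be copied into the drafted section if left as is: "authensity" should be "authenticity" and "discrepencies" should be "discrepancies". In 5.2.1, "system users identities" needs the possessive ("system users' identities"), and "the least amount of privileges principles are enforced to user groups" reads more clearly as "the principle of least privilege is enforced for user groups". In 5.2.3 the first bullet ends with a question mark while every other bullet is a statement, so drop the "?" and phrase it like its siblings ("How the SIEM shall deploy ..."); the bullets also mix "shall", "should" and plain present tense ("deploys", "shall monitor", "should be correlated"), which matters in a requirements document, so pick the intended normative verb per item. The 5.2.3 heading says "Mitigations of" where 5.2.1 and 5.2.2 say "Mitigations for"; align it. Finally, the 5.2.2 bullet "What is expected to happen, if discrepancies are found" would give the section author more to work with if it asked for the required SIEM behaviour explicitly, for example whether the data is rejected, flagged or still ingested, and who is notified.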