Concept of Operations (ConOps) — ISO/IEC/IEEE 15289 — Description | IEEE 29148 §6.1
Generated 2026-03-27 — UHT Journal / universalhex.org
flowchart TB n0["system<br>Cybersecurity Operations Centre"] n1["actor<br>Enterprise IT/OT Network"] n2["actor<br>SOC Analysts (L1/L2/L3)"] n3["actor<br>CISO / Executive Management"] n4["actor<br>External CTI Feeds / ISACs"] n5["actor<br>IT Service Management"] n6["actor<br>Regulators / National CERT"] n1 -->|Logs, telemetry, network traffic| n0 n0 -->|Containment actions, firewall rules| n1 n0 -->|Alerts, dashboards, case data| n2 n2 -->|Investigation, triage decisions| n0 n0 -->|Executive reports, risk posture| n3 n4 -->|IOCs, threat feeds, advisories| n0 n0 -->|Sighting reports, shared IOCs| n4 n0 -->|Incident tickets, remediation tasks| n5 n0 -->|Breach notifications, compliance reports| n6
Cybersecurity Operations Centre — Context