After going through all of the considerations provided by Zimmerman the bottom-line conclusion must be that: if an ISAC or IASO is going to run it’s own SOC, it must meet professional standards (2014). The following deck stack provides the c-Community with a summary of the performance standards that could be used for evaluation. It also walks the user through how to systematically evaluate the various types of documentation methods for tracking incidents.
Zimmerman, C. (2014). Ten Strategies of a World-Class Cybersecurity Operations Center. The Mitre Corporation.