Logging from critical systems, applications and services can provide key information and potential indicators of compromise. Although logging information may not be viewed on a daily basis, it is critical to have for auditing and forensics.
The purpose of this document attempts to address this issue by identifying specific requirements that information systems must meet in order to generate appropriate audit logs and integrate with an organization’s log management function.
The intention is that this language can easily be adapted for use in organization IT security policies and standards, and also in organization procurement standards and templates. In this way, organizations can ensure that new IT systems, whether developed in-house or procured, support necessary audit logging and log management functions.
This policy applies to all production systems on organization Network.
None.
None.