Auditing and Logging Policy
Many computer systems, network devices and other technological hardware used in the enterprise can audit and log various activities. These activities include network traffic, internet access, creating or deleting users, adding users to groups, changing file permissions, transferring files, opening the case, powering off, deleting system logs, and anything else a user, administrator or the system itself might do.
This policy from TechRepublic Premium provides guidelines for the appropriate use of auditing and logging in computer systems, networks and other devices that store or transport critical and/or security-sensitive data. It includes methods for securing logs and interpreting the resulting data to make the best use of it.
From the policy:
Monitoring, notifications and reviewing audit logs
It is recommended that automated monitoring controls be established to ensure auditing and logging work as outlined in this policy and to alert of any attempts to tamper with the related settings or functions. (These should be considered emergency alerts.) These controls must not be disabled, turned off or removed.
This download includes a PDF and Word document.
Previously priced at $99, this is now available to download for $29. Or free with Premium annual subscription: click here to find out more.