IT Auditing and Logging Standard Policy

Subscriber Content
Screenshot of the first page of IT Auditing and Logging Standard Policy

The purpose of this auditing and logging standard is to ensure that all company systems are auditable and that proper procedures are in place to identify and resolve all high-risk security, integrity and/or availability issues.

Sample procedures include logging all actions taken by any individual with root or administrative privileges; recording all access to log files or systems; reporting all valid or invalid logical access attempts; logging the creation and deletion of system-level objects; retaining audit logs in accordance with the data retention policy; identifying the user identification, type of event, date and time, and origination of events; and disabling or turning off log services.


Topics
Compliance
IT Risk
IT Audit
Internal Controls
IT Security
Risk Assessment

Related Resources

Benchmarking Reports

Five Success Factors for IT Audit

Benchmarking Reports

A Look at Key IT Audit Issues: Six Focal Points for CAEs

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It