Monitoring Security Audit Checklist
Monitoring Security Audit Checklist
Clause 10.10 ISO 27001
1. Audit Logging
• Whether audit logs recording user activities, exceptions, and information security events are produced and kept for an agreed period to assist in future investigations and access control monitoring.
• Whether appropriate Privacy protection measures are considered in Audit log maintenance.
2. Monitoring system use
• Whether procedures are developed and enforced for monitoring system use for information processing facility.
• Whether the results of the monitoring activity reviewed regularly.
• Whether the level of monitoring required for individual information processing facility is determined by a risk assessment.
3. Protection of log information
• Whether logging facility and log information are well protected against tampering and unauthorized access.
4. Administrator and operator log
• Whether system administrator and system operator activities are logged.
• Whether the logged activities are reviewed on regular basis.
5. Fault logging
• Whether faults are logged analyzed and appropriate action taken.
• Whether level of logging required for individual system are determined by a risk assessment, taking performance degradation into account.
6. Clock Synchronization
• Whether system clocks of all information processing system within the organization or security domain is synchronized with an agreed accurate time source.
• The correct setting of computer clock is important to ensure the accuracy of audit logs.
Related documents
Advertisement
Sponsor sites:
1. Phrases For Performance Appraisals.
2. Interview questions and answers.
This entry was posted
on Tuesday, November 24th, 2009 at 4:16 pm and is filed under ISO 27001 checklist.
You can leave a response, or trackback from your own site.
