Solved

ISO 27002 log retention length requirements

Posted on 2008-06-11
1
1,463 Views
Last Modified: 2008-06-12
Does anyone know what the ISO 27002 log retention length requirements are, if there are any?  Is there a reference that I can review?
0
Comment
Question by:Sysdeath
1 Comment
 
LVL 37

Accepted Solution

by:
Bing CISM / CISSP earned 500 total points
ID: 21766682
the reference is just the standard itself.

as per section 10.10.1 Audit logging of ISO/IEC 27002,

"Audit logs should include, when relevant:

a) user IDs;
b) dates, times, and details of key events, e.g. log-on and log-off;
c) terminal identity or location if possible;
d) records of successful and rejected system access attempts;
e) records of successful and rejected data and other resource access attempts;
f) changes to system configuration;
g) use of privileges;
h) use of system utilities and applications;
i) files accessed and the kind of access;
j) network addresses and protocols;
k) alarms raised by the access control system;
l) activation and de-activation of protection systems, such as anti-virus systems and intrusion detection systems."

there is no particular *length* requirements in the standard, as a log should be the content of what actually happened, not the amount.

for more information, you may read section 10.10 Monitoring

hope it helps,
bbao
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now