Auditing and logging policy

Auditing and logging are essential measures for protecting mission-critical systems and troubleshooting problems. This policy outlines the appropriate auditing and logging procedures for computer systems, networks and devices that store or transport critical data.

From the policy:

Many computer systems, network devices and other technological hardware used in the enterprise can audit and log various activities. These activities include network traffic, internet access, creating or deleting users, adding users to groups, changing file permissions, transferring files, opening the case, powering off, deleting system logs, and anything else a user, administrator or the system itself might do.

Auditing and logging make up the first line of defense for ensuring system and environmental integrity and troubleshooting problems in a mission-critical environment.

Whether an administrator makes a mistake, a hardware component fails, a hacker breaches a system, an inordinate amount of network bandwidth is being consumed or a user attempts to gain unauthorized access to a database, audit logs will help pinpoint what happened and how to resolve the issue.

Collecting events in log files is only half the goal. Establishing a framework for monitoring and reviewing events is the other half, so day-to-day administration, critical issues and security-related incidents can be handled appropriately. Therefore, following a set of guidelines to implement and administer effective auditing and logging is a critical task for any IT department.

Resource Details

or

* Sign up for a TechRepublic Premium subscription for $299.99/year, and download this content as well as any other content in our library. Cancel anytime. Details here.

Provided by:
TechRepublic Premium
Published:
February 2, 2023
Topic:
TechRepublic Premium
Format:
PDF
or

* Sign up for a TechRepublic Premium subscription for $299.99/year, and download this content as well as any other content in our library. Cancel anytime. Details here.