Does the application ensure restricted access to its audit logs and is configured to prohibit tampering and unauthorized deletion?
Are all workstations (PC or other) which access customer systems/data themselves secured against unauthorized access by at minimum user id and password?
Does the application maintain audit log capabilities that captures the type of event that occurred, when the event occurred, where the event occurred, the source of the event and the outcome, the individuals associated with the events and the audit processing failures?
Is there sufficient audit record storage capacity for audit logs that are captured and retained?
Are system administrators notified when the audit storage capacity is reached and has a pre-determined course of action been established in the event that the audit storage does reach capacity?
Are audit records retained for 90days online and at least 1 year offline?