Do you maintain a procedure to verify all monitored assets are reporting logs consistently?
Do the systems supporting ‘s data provide the capability to collect audit information and organize it in a summary format that is more meaningful to analysts?
Do the systems supporting ‘s data provide alert functions?
Do the systems supporting collect audit information (e.g. logs) into one or more central repositories?
Are you monitoring logs to detect suspicious activity?
Do you perform such monitoring on a board activity level?
Please describe the review methodology.
Does the system protect audit information and audit tools from unauthorized access, modification, and deletion?
Is access to management of audit functionality authorized only to a limited subset of privileged users?
Does the company use mechanisms across different repositories to integrate audit review, analysis, correlation, and reporting processes?