CISOBot - Your AI CISO Assistant

MON-03

Content of Event Logs

Weight: 10/10

Description

Mechanisms exist to configure Technology Assets, Applications and/or Services (TAAS) to produce event logs that contain sufficient information to, at a minimum: (1) Establish what type of event occurred; (2) When (date and time) the event occurred; (3) Where the event occurred; (4) The source of the event; (5) The outcome (success or failure) of the event; and (6) The identity of any user/subject associated with the event.

Control Question

Does the organization configure Technology Assets, Applications and/or Services (TAAS) to produce event logs that contain sufficient information to, at a minimum: (1) Establish what type of event occurred; (2) When (date and time) the event occurred; (3) Where the event occurred; (4) The source of the event; (5) The outcome (success or failure) of the event; and (6) The identity of any user/subject associated with the event?

Control Metadata

Domain:

Continuous Monitoring

Validation Cadence:

Annual

Evidence Request List:

E-AST-01 E-CPL-01

Have questions about this control?

Ask CISOBot for implementation guidance and best practices