ISM-0021 Removed History 2008 The ITSA must be responsible for ensuring the regular review of: a. system security b. system audit trails and logs c. the integrity of system configurations.