Topic

Event logging policy

Applicable to

all

History

Priority

must

Dec 2022

An event logging policy is developed, implemented and maintained.

Existing controls relating to the development and implementation of cyber security documentation were amended to ensure documentation is maintained throughout its lifetime.

Aug 2019

An event logging policy is developed and implemented.

Security control 0580 was modified to refer to an event logging policy rather than a strategy. The content for such a policy was reviewed and lifted up into associated rational for this security control.

Jul 2019

An event logging strategy is developed and implemented covering events to be logged, logging facilities to be used, event log retention periods and how event logs will be protected.

2015

Agencies must develop an event logging strategy covering:• logging facilities, including availability requirements and the reliable delivery of event logs tologging facilities• the list of events associated with a system or software component to be logged• event log protection and retention requirements.

2010

Agencies must develop and document logging requirements covering:• the logging facility, including:– log server availability requirements– the reliable delivery of log information to the log server• the list of events associated with a system or software component to be logged• event log protection and archival requirements.

2008

Agencies must develop and document logging requirements reflecting the overall audit objectives derived from their ICT security policy and security risk management plan, covering: a. the logging facility, including: 1) log server availability requirements 2) the reliable delivery of log information to the log server b. the list of events associated with a system or software component to be logged c. event log protection and archival requirements.