Guest user Created: May 01, 2018 Last commented: May 01, 2018

Log monitoring and review

We've implemented automatic log monitoring by sending alerts from the rules violation for the logs. Now since monitoring of logs through sending automatic alerts has been implemented, do we also need to conduct log reviews for ISO 27001 ?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal May 01, 2018

NOTE : 'Control 12.4 Logging and Monitoring' has been marked applicable in the Statement of Applicability.

Answer: By monitoring you are collecting and recording information about specific events, while review refers to a critical evaluation of the gathered results (and sometimes the set of data can show relevant information that cannot be seen from isolated events), so these are different actions, and control A.12.4.1 (Event logging Control) requires not only log recording, but also the review of the collected data.

This article will provide you further explanation about log and monitoring:
- Logging and monitoring according to ISO 27001 A.12.4 https://advisera.com/27001academy/logging-according-to-iso-27001/

These materials will also help you regarding log and mon itoring:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 01, 2018

Expert Advice Community