Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Guest

ISO Log Retention

  Quote
Guest
Guest user Created:   Aug 04, 2020 Last commented:   Aug 04, 2020

ISO Log Retention

Just wanted to know whether there has been any log retention defined in ISO for storing system logs in terms of number of days/years. Like in PCI-DSS, there 's a requirement to store the logs for 1 year, can you please confirm if there's anything as such from ISO perspective.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 04, 2020

ISO 27001 does not prescribe keeping maintenance logs.

For ISO 27001, the need to keep logs is defined by the results of risk assessment and applicable legal requirements, and also by the need to prove to auditors that security processes are being performed. These are the elements that will help you define which information must be logged, as well as for how long.

These articles will provide you a further explanation about logging:

This material will also help you regarding logging:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 04, 2020

Aug 04, 2020

Suggested Topics