Log monitoring tools
-A.12.4.1, A.12.4.3 Logs of user activities, exceptions, and security events
Does this mean we are required to have a centralized log management system in place, e.g. SIEM?
Answer: No. A centralized log management system is one of the solutions that you can use to fulfill these controls if they are applicable, but depending on the size, resources and requirements of your organization, you can manage the logs provided by your applications and systems in a decentralized form. Additionally, you may also have situations where you do not use systems to log information, like occurrence books to record physical access.
These articles will provide you with further explanation about log and monitoring controls:
- Logging and monitoring according to ISO 27001 A.12.4 https://advisera.com/27001academy/logging-according-to-iso-27001/
- How to perform monitoring and measurement in ISO 27001 https://advisera.com/27001academy/blog/2015/06/08/how-to-perform-monitoring-and-measurement-in-iso-27001/
This material will also help you regarding log and monitoring controls:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
Oct 01, 2017