Logs management

In a company in the policy they have mentioned log management. but in practice there is no log management system.
At webinar you gave answer as in the server all will be recording. But what is the problem in the organisation there is no server.
Only workstations  160 systems function as workgroup only.
Each and every system it contains logs . what to do in this situation. is it a nc .if nc is it a major or minor.
Their core business is SDLC, and BPO there also no logs.

Answer:

The key question here is : Do need logs at all? Your risk management process will give you the answer. This article can help you:

However, logs are an essential way to register what happens so that you can come back on them when needed. Centralising the logs makes it easier to read and analyse them without impacting on the operations.

Analysing logs require to accessing them first and requires time, and expertise to understand their coding and to discover the trends that’s the data hide. Most of the time using a specific tool is he lpful. Doing it with a server allows you 1) to gather all logs on one single place, 2) use one single tool and 3) use the server time and not the work station time, even if the analysis can be done in backlog (outside the work time, and potentially detecting issues to late so you aren’t able to react adequately) or as a ‘backstage’ application. You then gain time and the cost of the analysis tools.

These blog posts can probably help you further:
“The basic logic of ISO 27001: How does information security work?”: https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/.
“ISO 27001 risk assessment & treatment – 6 basic steps » : https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
« Risk assessment tips for smaller companies » : https://advisera.com/27001academy/blog/2010/02/22/risk-assessment-tips-for-smaller-companies/