When to use this
Use this register to track log sources, event types, retention periods, protection methods, and review ownership.
Related controls
Register
| System/source | Log type | Events captured | Destination | Retention | Protected from admin tampering? | Review owner |
|---|---|---|---|---|---|---|
| TBD | Audit/security/fault/admin | TBD | SIEM/log store | TBD | Yes/No | TBD |
Minimum checks
- Critical systems are included.
- Privileged activity is included.
- Retention meets investigation needs.
- Destination is protected.
- Review owner is assigned.
- Template
- Iso27001
- Technological controls
- Logging
Note Metadata
Aliases: Log Source Register
Source: 90 Templates/Log Source and Retention Register.md
Related Notes
- A.8.15 Audit Evidence Pack
- ISO 27001 A.8.15 - Logging
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.15 Audit Checklist
- Logging and Monitoring Standard
- Monitoring Coverage and Data Source Map
- Templates MOC