LOG-2 Logging of Administrative actions

Estimated reading: 2 minutes 1574 views

What is LOG-2 Logging of Administrative Actions Control about?

Logging of Administrative Actions Control is a vital part of enterprise monitoring.

Privileged access comes with great responsibility. Each organization must monitor such access, and the logging and review of administrative actions is one way to do it.

Available tools in the marketplace

Tools:
No tool recommendation is made for this section.

Available templates

TrustCloud has a curated list of templates, internally or externally sourced, to help you get started. Click on the link for a downloadable version:

  • N/A: Each system is different. Refer to the evidence example.

Control implementation

To implement this control,

Enable an audit trail on all systems if possible; however, you can focus on critical systems first and work your way up. Ensure the following are enabled:

  1. Tailor the audit trail to capture administrative actions.
  2. Restrict the audit trail read/edit abilities to a select few.

What evidence do auditors look for?

Most auditors, at a minimum, are looking for the below-suggested action:

  1. Provide a screenshot of the audit trail configuration settings showing all the items being captured.
  2. Provide a screenshot of the audit trail configuration settings showing that administrative actions are captured.
  3. Provide evidence that the audit trail is restricted to a select few.

Evidence example

For the suggested action, an example is provided below:

  1. Provide a screenshot of the audit trail configuration settings showing all the items being captured.
    The following screenshot shows the action tracked over a period of time.
    LOG 2 Logging of Administrative actions 01
  2. Provide a screenshot of audit trail configuration settings showing that administrative actions are captured.
    The following screenshot shows the types of actions being tracked.
    LOG 2 Logging of Administrative actions 02
  3. Provide evidence that the audit trail is restricted to a select few.
    The following screenshot shows the various user roles and who can see the user’s activity.
    LOG 2 Logging of Administrative actions 03

Join the conversation

You might also be interested in

Documentation Templates

Documentation Templates are documents that provide a content outline to meet certain documentation needs....

Backup policy template – Download for free

The Data Backup Plan template helps you document in detail the data backup needs...

HR-13 Employee Handbook/Code of Conduct

HR-13 Employee Handbook or Code of Conduct communicates the organization’s values and ethics. It...

AUTH-1 Single Sign On (SSO)

Single Sign On (SSO) Control is a best practice recommendation for critical systems....

Security Incident Report Template

The Security Incident Report template helps you document the steps used to assess and...

BIZOPS-6 Disaster Recovery Testing

BIZOPS-6 Disaster Recovery Testing control refers to the exercise of identifying the critical systems...

PDP-10 SDLC – Separation of environments

PDP-10 SDLC Separation of Environments is important to maintain separate environments to develop, test,...

Privacy Committee Charter Template

Privacy Committee Charter serves as a foundational document, establishing the framework for the committee's...
ON THIS PAGE
SHARE THIS PAGE

SUBSCRIBE
FlightSchool
OR