LOG-08: Log Records

Control Family:

Logging and Monitoring

PF v1.0 References:

Info icon.

Control is new to this version of the control set.

Control Statement

Generate audit records containing relevant security information.

Implementation Guidance

Relevant security log information should include but is not limited to:

  • The event type
  • The event time
  • The event location
  • The event source
  • The event outcome
  • The identities of any individuals or systems associated with the event

Auditing Guidance

  1. Examine policy related to audit logging and determine if it includes requirements to generate audit records containing relevant security information.
  2. Examine audit records and determine if they adequately reflect the policy.

[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.