The information system protects audit records from unauthorized access, modification, and deletion.
Access to audit records should be granted based on a least-privilege basis and only to authorized individuals. Changes to logs, including deletions, should be tracked and approved by authorized individuals. Logs should be backed up per organizational policies.
- Examine policy for the protection of audit records.
- Evaluate the use of technical measures in the protection of audit records.
[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]
Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.