ToothFairyAI
Policy for Logging and Monitoring
Code: 27_LMP
Version: 1.0
Date of version: 05 Mar 2025
Created by: Saif ur Rehman
Approved by: Gabriele Sanguigno
Classification: Internal
Change History
Date | Version | Created by | Description of change
05 Mar 2025 | 1.0 | Saif Ur Rehman | Defining organizational logging and monitoring policy
Table of contents
1. PURPOSE, SCOPE AND USERS
2. REFERENCE DOCUMENTS
3. POLICY
  3.1. LOGGING RESPONSIBILITY
  3.2. EVENT LOGGING
  3.3. PROTECTION OF EVENT LOGS
  3.4. ADMINISTRATOR AND OPERATOR LOGS
  3.5. CLOCK SYNCHRONISATION
  3.6. LOG RETENTION
4. VALIDITY AND DOCUMENT MANAGEMENT
1. Purpose, scope and users
Logging and monitoring of networks and user activities is crucial in preventing unauthorized
access to information and associated assets. It also serves a critical function in effective incident
response. The purpose of this policy is to address the identification and management of the risk of
system-based security events by logging and monitoring systems.
This policy is applicable to all networks and software, including the business solutions, of
ToothFairyAI.
Users of this document are IT, the development department, and ISMS management of ToothFairyAI.
2. Reference documents
ISO 27001 standard, clauses 8.15, 8.16, 8.17
3. Policy
All devices and all business and operational software that process, store, or transmit confidential or
personal information have auditing and logging enabled, wherever logging is possible and practical
and the system can generate audit logs.
3.1. Logging responsibility
Event logging and monitoring is performed by authorised personnel only. Event logging and
monitoring systems and reports are strictly protected and restricted in line with the access control
policy and data retention schedule. Where possible, system administrators should not have
permission to erase or de-activate logs of their own activities.
3.2. Event Logging
Event logs recording user activities, exceptions, faults, and information security events should be
produced, kept, and regularly reviewed.
Event logs should include, when relevant:
- user IDs.
- system activities.
- dates, times, and details of key events, e.g., log-on and log-off.
- device identity or location if possible and system identifier.
- records of successful and rejected system access attempts.
- records of successful and rejected data and other resource access attempts.
- changes to system configuration.
- use of privileges.
- use of system utilities and applications.
- network addresses and protocols.
- alarms raised by the access control system.
- transactions affecting personal or sensitive data.
Automated monitoring systems which can generate consolidated reports and alerts on system
security are used where possible.
3.3. Protection of event logs
Logging facilities and log information should be protected against tampering and unauthorized
access.
Controls protect against unauthorized changes to log information and operational problems with the
logging facility, including:
- alterations to the message types that are recorded
- log files being edited or deleted
- storage capacity of the log file media being exceeded, resulting in either the failure to record
  events or over-writing of past recorded events.
3.4. Administrator and operator logs
System administrator and system operator activities should be logged, and the logs protected and
regularly reviewed.
Privileged user account holders may be able to manipulate the logs on information processing
facilities under their direct control; therefore, it is necessary to protect and review the logs to
maintain accountability for the privileged users.
An intrusion detection system managed outside of the control of system and network administrators
can be used to monitor system and network administration activities for compliance.
3.5. Clock synchronisation
The clocks of all relevant information processing systems within an organization or security domain
should be synchronised to a single reference time source. ToothFairyAI uses Linux and has one Windows
machine, so NTP for Ubuntu and Amazon Linux will be added.
Time data is protected, and time settings are received from industry-accepted time sources, being:
time.windows.com
3.6. Log retention
Event logs from the last 3 months are immediately available. Event logs are retained for 12 months
or longer as determined by current Microsoft 365 allowances.
4. Validity and document management
This document is valid as of 05 Mar 2025.
This document will be made available to all the relevant stakeholders on NextCloud.