Rakesh Maheshwari
STQC Directorate
Department of Information Technology
Ministry of Communications & IT
rakesh@mit.gov.in
Log management
A.5 Security Policy
A.15 Compliance
8. ISMS Improvements
Comments
Full Control Objective dedicated to logs.
ISO/IEC 27001:2005
Comments
The objective of this control is to ensure the correct and secure operation of information processing facilities.
A10.1.3: The doer and the approver will be different. A centralised syslog service is recommended.
Ver 1.0 ISO 27001 and Log Management 10
Communications and Operations Mgmt
ISO/IEC 27001:2005
Comments
System Planning and acceptance reduces the risk of system failure.
Comments
Logs of viruses detected and outbreak incidents provide sufficient information about the effectiveness of the antivirus on systems and the email gateway.
Comments
Verification of user creation, rights grant and removal of rights from logs.
Comments
Information obtained from analysis of various logs provides information about security events and weaknesses.
Incident management
ISO/IEC 27001:2005
Comments
Recording of incidents by analyzing the logs.
Compliance
ISO/IEC 27001:2005
Comments
Measurement of effectiveness of controls: e.g. to check the effectiveness of the IPS, the IPS logs of the webserver can be reviewed; they will provide information about the effectiveness of the IPS.
Clause: Framework Part
ISO/IEC 27001:2005
Comments
Information can be:
Created
Stored
Destroyed?
Lost! Corrupted!