Advisory Logging and Event Monitoring Standard

Date:	10/05/2018
Organization:	Enterprise Security Office
Referenced Sources:	MGL Chapter 7D, Section 2

This standard establishes requirements for security monitoring and event management to detect unauthorized activities on Commonwealth information systems.

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Skip table of contents

You skipped the table of contents section.

Purpose

The Logging and Event Monitoring Standard establishes requirements for security monitoring and event management to detect unauthorized activities on Commonwealth information systems. This standard defines the following related controls and acceptable practices:

Audit requirements for user activities, exceptions and information security events.
Logging activities and actions required to resolve system fault errors.
Guidelines for the frequency of reviewing audit logs.
Protection of audit logs through technical controls such as file permissions.
Integration of suspicious audit events and investigation into incident response processes.

Downloads for Logging and Event Monitoring Standard

Open PDF file, 228.22 KB, IS.011 Logging and Event Monitoring Standard (English, PDF 228.22 KB)

Contact for Logging and Event Monitoring Standard

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Table of Contents for the handbook, Enterprise Information Security Policies and Standards

Advisory Logging and Event Monitoring Standard

Contact for Logging and Event Monitoring Standard

Cybersecurity and Enterprise Risk Management

Online

Table of Contents

Purpose

Downloads for Logging and Event Monitoring Standard

Contact for Logging and Event Monitoring Standard

Cybersecurity and Enterprise Risk Management

Online