Advisory Logging and Event Monitoring Standard

Date:	10/05/2018
Organization:	Enterprise Security Office
Referenced Sources:	MGL Chapter 7D, Section 2

This standard establishes requirements for security monitoring and event management to detect unauthorized activities on Commonwealth information systems.

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Skip table of contents

You skipped the table of contents section.

Purpose

The Logging and Event Monitoring Standard establishes requirements for security monitoring and event management to detect unauthorized activities on Commonwealth information systems. This standard defines the following related controls and acceptable practices:

Audit requirements for user activities, exceptions and information security events.
Logging activities and actions required to resolve system fault errors.
Guidelines for the frequency of reviewing audit logs.
Protection of audit logs through technical controls such as file permissions.
Integration of suspicious audit events and investigation into incident response processes.

Contact

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Advisory Logging and Event Monitoring Standard

Contact

Cybersecurity and Enterprise Risk Management

Online

Table of Contents

Purpose

Contact

Cybersecurity and Enterprise Risk Management

Online