T3.6.4 - PROTECTION OF LOG INFORMATION
The entity shall protect log information against tampering and unauthorized access.
Back to T3.6.4 - P2 - PROTECTION OF LOG INFORMATION
Controls should aim to protect against unauthorized changes and operational problems with the logging facility including:
- A. Alterations to the message types that are recorded;
- B. Log files being edited or deleted;
- C. Storage capacity of the log file media being exceeded, resulting in either the failure to record events or over-writing of past recorded events.
Some audit logs may be required to be archived as part of the record retention policy or because of requirements to collect and retain evidence.
