I realize this is an "it depends" question based on the industry you are
in and your Company's risk profile, but I'm involved in discussions about
Log Management with our IT Security Team and I am curious to know
how other companies are addressing this.
So far I have found the following regulations that set forth some sort of
log management requirement:
1) FISMA - NIST SP 800-53; NIST 800-92
2) HIPAA - NIST SP 800-66
3) PCI-DSS
Any guidance on a Friday is appreciated.
Todd P. Johnson, CRM, IGP, CIP, ERMm
Questar Corporation
Records & Information Manager
[log in to unmask]
801-324-5660
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]