AU
APP083: Audit Events
Does the application log all security relevant events in accordance with the applicable logging standards outlined in CISS and (Application Event Logging Standards [AELS] or Infrastructure Security Event Logging Standards [ISELS])?
Guidance: The answer should be 'Yes', since to comply with CISS, all attempted violations of system security and all significant events relating to security and system administration, financial transactions, and customer information must be audited.
No auditing for the events listed above or for any other security violations.
Replies
All security events are logged. Any modifications to the security policies, roles, permissions or users are logged.
Here's the log showing changes made to the security policies:
Here's the log showing changes to a role permission:
And here's the log showing changes made to a user account: