Skip to main content

💼 A.12.4.3 Administrator and operator logs

ID: /frameworks/iso-iec-27001-2013/12/04/03

Description

System administrator and system operator activities shall be logged and the logs protected and regularly reviewed.

Similar

Internal
- ID: dec-c-e9b1f602

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events		20	26		no data
💼 NIST CSF v1.1 → 💼 PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy		16	33		no data
💼 NIST CSF v1.1 → 💼 RS.AN-1: Notifications from detection systems are investigated		18	24		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (8)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudTrail Log File Validation is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Diagnostic Setting for Azure Key Vault is not enabled🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Security Solution does not exist🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-20c9ef83	1
✉️ dec-x-79579ed7	1
✉️ dec-x-9002886f	1
✉️ dec-x-b1e1a494	1
✉️ dec-x-b2ce0ca1	1
✉️ dec-x-c397d3ca	2
✉️ dec-x-dc359e59	1

Description
Similar
Similar Sections (Give Policies To)
Sub Sections
Policies (8)
Internal Rules