💼 5.28 Collection of evidence

• Contextual name: 💼 5.28 Collection of evidence
• ID: /frameworks/iso-iec-27001-2022/05/28
• Located in: 💼 5 Organizational controls

Description

The organization shall establish and implement procedures for the iden- tification, collection, acquisition and preservation of evidence related to information security events.

Similar

• Internal
  • ID: dec-c-8e41f70a

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (21)

Policy	Logic Count	Flags
📝 Azure Diagnostic Setting captures Administrative, Alert, Policy, and Security categories 🟢	1	🟢 x6
📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢		🟢 x3
📝 Azure Network Security Group Flow Logs retention period is less than 90 days 🟢	1	🟢 x6
📝 Azure SQL Server Auditing is not enabled 🟢	1	🟢 x6
📝 Azure Storage Account Secure Transfer Required is not enabled 🟢	1	🟢 x6
📝 Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests 🟢	1	🟢 x6
📝 Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update SQL Server Firewall Rule does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Security Solution does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete SQL Server Firewall Rule does not exist 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_error_verbosity Database Flag is not set to DEFAULT or stricter 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_connections Database Flag is not set to On 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_disconnections Database Flag is not set to On 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_min_error_statement Database Flag is not set to Error or stricter 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_min_messages Database Flag is not set at minimum to Warning 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_statement Database Flag is not set appropriately 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-02eed49a	1
✉️ dec-x-6fc9c949	1
✉️ dec-x-20c9ef83	1
✉️ dec-x-36ced3d1	1
✉️ dec-x-611eaa35	1
✉️ dec-x-79579ed7	1
✉️ dec-x-9002886f	1
✉️ dec-x-a193b20f	1
✉️ dec-x-b2ce0ca1	1
✉️ dec-x-c397d3ca	2
✉️ dec-x-d95ea48b	1
✉️ dec-x-db1b7a1b	1
✉️ dec-x-dc359e59	1
✉️ dec-x-e5c05d3e	1