| ๐ผ 10.2.1 Audit logs are enabled and active for all system components and cardholder data. | 7 | | 2 | |
| ย ย ย ย ๐ผ 10.2.1.1 Audit logs capture all individual user access to cardholder data. | | | 4 | |
| ย ย ย ย ๐ผ 10.2.1.2 Audit logs capture all actions taken by any individual with administrative access, including any interactive use of application or system accounts. | | | | |
| ย ย ย ย ๐ผ 10.2.1.3 Audit logs capture all access to audit logs. | | | 1 | |
| ย ย ย ย ๐ผ 10.2.1.4 Audit logs capture all invalid logical access attempts. | | | 4 | |
| ย ย ย ย ๐ผ 10.2.1.5 Audit logs capture all changes to identification and authentication credentials. | | | 1 | |
| ย ย ย ย ๐ผ 10.2.1.6 Audit logs capture all initialization of new audit logs, starting, stopping, or pausing of the existing audit logs. | | | | |
| ย ย ย ย ๐ผ 10.2.1.7 Audit logs capture all creation and deletion of system-level objects. | | | | |
| ๐ผ 10.2.2 Audit logs record the described details for each auditable event. | | | | |