Secure Req 14
<< Back to Baseline Functional Requirements Index
SECURE-14. SECURITY LOGS
Entities conducting digital identity management functions MUST log their transactions and security events, in a manner that supports system audits and, where necessary, security investigations and regulatory requirements. Timestamp synchronization and detail of logs MUST be appropriate to the level of risk associated with the environment and transactions.
Transactions and events associated with systems that support identity management functions must be time-stamped and logged. Where necessary additional information related to the events also must be logged (such as the source of an authentication assertion) with the data needed to support audits.
Selection of logging and timestamping standards, processes, and procedures should be consistent with the processes outlined in SECURE-1 (SECURITY PRACTICES).
Audit records and logs must be protected consistent with SECURE-2 (DATA INTEGRITY).
As an example: HIPAA Security Regulations regarding development and maintenance of logging procedures and records: 45 CFR Part 164, § 164.308(a)(1)(ii)(D), § 164.408(c): http://www.ecfr.gov/cgi-bin/text-idx?node=pt45.1.164&rgn=div5