Complete PCI DSS Log Review Procedures Part 17

Friday, March 11, 2011

Anton Chuvakin

Ebb72d4bfba370aecb29bc7519c9dac2

This is the seventeenth post in the long, long series (part 1, part 2, part 3, part 4, part 5, part 6, part 7, part 8, Part 9, part 10, part 11, part 12, part 13, part 14, part 15, part 16).

A few tips on how you can use it in your organization can be found in Part 1. You can also retain me to customize or adapt it to your needs.

And so we continue with our Complete PCI DSS Log Review Procedures:

Periodic Operational Task Summary

The following chapter contains a summary of operational tasks related to logging and log review. Some of the tasks are described in detail in the document above; others are auxiliary tasks needed for successful implementation of PCI DSS log review program.

Daily Tasks

The table below contains daily tasks, responsible role that performs them as well as what record or evidence is created of their execution:

Anton 17-1

Weekly Tasks

The table below contains weekly tasks, responsible role that performs them well as what record or evidence is created of their execution:

Anton 17-2

Monthly Tasks

The table below contains daily tasks, responsible role that performs them as well as what record or evidence is created of their execution:

Anton 17-3

Quarterly Tasks

The table below contains daily tasks, who performs them as well as what record or evidence is created of their execution:

Anton 17-4

Annual Tasks

The table below contains daily tasks, who performs them as well as what record or evidence is created of their execution:

Anton 17-5

Cross-posted from Security Warrior

Possibly Related Articles:
5591
PCI DSS
PCI DSS Log Management Security Audits Event Logging QSA
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.