Common use of Security Audit Trail Responsibility Clause in Contracts

Security Audit Trail Responsibility. Both parties are responsible for auditing system security events and log data related to this interconnection. At minimum, activities that should be recorded in logs will include: event type, date and time of event, system identification (e.g., hostname and/or IP address), success or failure of any access attempts and security actions taken by system administrators, security personnel, or automated systems. Organizations should retain logs according to their internal policies. Audit logs will be retained for 90 days online, and audit trail records shall be preserved for a period of at least seven years as part of managing records for each system to allow audit information to be placed online for analysis with reasonable ease.

Security Audit Trail Responsibility. Both parties are responsible for auditing system security events and log data related to this interconnection. At minimum, activities that should be recorded in logs will include: event type, date and time of event, system identification (e.g., e.g. hostname and/or IP address), success or failure of any access attempts and security actions taken by system administrators, security personnel, or automated systems. Organizations should retain logs according to their internal policies. Audit logs will be retained for 90 days online, and audit trail records shall be preserved for a period of at least seven years as part of managing records for each system to allow audit information to be placed online for analysis with reasonable ease.