Sox iso 27001 mapping

3/9/2024

Continuing this blog series on Oracle E-Business logging and auditing, Integrigy’s log and audit framework is based on our consulting experience. We have also based it on compliance and security standards such as Payment Card Industry (PCI-DSS), Sarbanes-Oxley (SOX), IT Security (ISO 27001), FISMA (NIST 800-53), and HIPAA.

The foundation of the framework is the set of security events and actions that should be audited and logged in all Oracle E-Business Suite implementations. These security events and actions are derived from and mapped back to key compliance and security standards most organizations have to comply with.

Figure 1 - Integrigy's Framework for Auditing and Logging in Oracle E-Business Suite

We view these security events and actions as the core set and most organizations will need to expand these events and actions to address specific compliance and security requirements, such as functional or change management requirements. Table 1 presents the core set of audits that, if implemented, will serve as a foundation for more advanced security analytics. Implementing these audits will go a long way toward meeting logging and auditing requirements for most compliance and security standards like PCI requirement 10.2. The numbering scheme used in Table 1 will be referenced throughout the framework.

Table 1 – Foundation Events for Logging and Security Framework