Accountability and Audit

IT Resources critical to University operations are to have appropriate control measures applied and logging of critical events enabled.

Event logs should be stored on a separate secure IT Resource and not saved to each local system. Storing log information to shared file systems should be avoided.

Audit logs must be protected, set as read-only and made accessible only by personnel authorized to view them.

Where possible, actions performed by System Administrators should be logged.
Logs should not contain passwords.

IT Resources critical to University operations should be audited regularly (minimum once per year).

New critical IT Resource deployments should be audited for compliance by the Information Security Office prior to going live. System Administrators are to fill out a Compliancy Check Form and identify any shortcomings or deficiencies that may exist for that IT Resource.