Description
Applicability
-
This Control applies to all Texas A&M University information resources containing Critical, Confidential, or University-Internal data. The intended audience is information resource custodians who are responsible for the installation of new information resources, the operations of existing information resources, and individuals accountable for information resources security.
Implementation
-
1
The information resource custodian shall ensure logging mechanisms are in place to record user activities, exceptions, and information security events, including:
-
1.1
Date and time of the event;
-
1.2
The software or hardware component of the information resource where the event occurred;
-
1.3
Source of the event (e.g. network address);
-
1.4
Type of event that occurred;
-
1.5
User/subject identity (user, device); and
-
1.6
The outcome (success or failure) of the event.
-
1.1