I1.4 DEFINE INFORMATION MANAGEMENT MONITORING
Monitor information to identify potential situations where data and records may be compromised.


These monitoring procedures actively demonstrate that the entity has applied an additional layer of controls to manage and protect data and records.
Core Practices
    I1.4.101
  • Define events to be logged and investigated with regard to specific environments and/or software applications
    I1.4.102
  • Define the procedures and tools for logging defined events, review of logs and retention of logs
    I1.4.103
  • Define a notification procedure for questionable events determined from log reviews
    I1.4.104
  • Define procedures for containment and response coordination to a breach in information management policies
    I1.4.105
  • Define procedures for communicating questionable events and documenting results
Additional Practices
    I1.4.201
  • Practise responding to breaches of information management policies via table-top exercises
    I1.4.202
  • Define situations where forensic analysis is required
    I1.4.203
  • Investigate root cause for breach and revise upstream policies and procedures