Hi

ISO 27001 standard does not mandate any minimum retention period for
security logs.

Usuall the logs are maintained for 3-6 months depending on the size of the logs.

The standard only mandates that the logs needs to be stored on an
isolated system like Syslog server.Also standard has a clause that
administrative logs needs to be stored and reviewed on a regular
basis.

On 12/18/06, iso 27000 <is27001 (at) gmail (dot) com [email concealed]> wrote:
> Hi
>
> How long do the security logs need to be stored? Is it same duration
> for OS logs, application logs, Router logs, Firewall logs etc?
>
> What are the best practice recommendations? What factors determine the
> retention period?
>
> I am trying to figure this for a Bank with operations in multiple gepgraphies.
>
> Are there any specific recommendations by ISO 27001 standard ?
> Anything FFIEC guidelines on same topic?
>

--
Harshal Mehta

Information Security Analyst
ISO 27001 IA CEH cVa ITIL
NII Consulting
Mobile: +91 9819066601
Website: www.niiconsulting.com

=================================================================
Checkmate - Incident Response and Digital Forensics e-Zine
http://www.niiconsulting.com/checkmate
=================================================================
Information Assurance Services
http://www.niiconsulting.com/services.html
=================================================================
This message may contain privileged and confidential information and is
solely for the use of intended recipient. If you are not the intended
recipient you should not disseminate, distribute, store, print, copy or
deliver this message. Please notify the sender immediately by e-mail if
you have received this e-mail by mistake and delete this e-mail from
your system.
===================================================================

[ reply ]