You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Enable logging for the cloud environment and for cloud-based workloads.
Applicable Service Models
IaaS, PaaS, SaaS
Mandatory Requirements
Validation
Implement adequate level of logging and reporting, including a security audit log function in all information systems.
Confirm policy for event logging is implemented.
This includes logs for the following:
Sign-in logs (interactive and non-interactive sign-ins, API sign-ins)
Access privilege and group changes (including group membership and group privilege assignment)
Changes in configuration of cloud platform
Cloud resource provisioning activities.
Configure events within the solution to support security monitoring, in accordance with GC Event Logging Guidance.
Confirm if monitoring and auditing is implemented for all users.
Ensure that the appropriate contact information is configured so that the CSP can notify the GC organization of incidents they detect.
Confirm that the security contact record within the account should be completed with details of at least two (if multiple permitted by cloud platform) appropriate information security personnel.
Configure an appropriate time zone for the audit records generated by your solution components.
Confirm that the appropriate time zone has been set.
Ensure that resources are assigned to monitor cloud-based events
Demonstrate that the monitoring use cases for the cloud platform have been implemented and have been integrated with the overall security monitoring activities being performed by the department. Evidence could include monitoring run book/checklist, system generated report.