Information System Activity Review

The final part of the Security Management section of the Administrative Rule is also a required component. Agencies must implement procedures to regularly review records of Information System activity such as audit logs, access reports, and security incident tracking reports. This basically means to find out what types of logs are available on your system, find out how to use them and regularly review the reports and logs to detect possible security issues or breaches. In some cases you may want to consider purchasing some type of logging software to make this task easier.

So the Required Tasks under the Security Management section of the Administrative Rule are:

• Risk Analysis
• Risk Management
• Sanction Policy
• Information System Activity Review