What Should I Do?
Monitor, Report and Review
Mechanisms of constant monitoring and recording are important elements that should be established such that sufficient information can be obtained and proper arrangements can be made when tackling a security incident.
Day-to-day operational data such as audit trail of application, event history, error log, access records, or authorization data should be properly recorded and backed-up to support incident handling or other required security procedure.
In addition, the continual review and assessment should form an integral part of the whole system to take into account the technological advances and to ensure that proper measures are put in place to cope with new requirements and changes in the underlying environment.
|