Bramble Audit Logging Policy
Purpose
To ensure the proper operation and security of Brmbl.io, Bramble logs critical information system activity.
Scope
The audit logging policy applies to all systems within our production environment. The production environment includes all endpoints and cloud assets used in hosting Brmbl.io and its subdomains. This may include third-party systems that support the business of Brmbl.io.
Roles & Responsibilities:
| Role | Responsibility |
|---|---|
| Security Team | Policy definition and oversight |
| System Owners | Definition of individual audit log criteria; Definition and execution of system audit log procedures |
Policy
- Bramble shall log and monitor critical information system activity.
- Logs must be retained for a defined period of time.
- Logs must not be modified and or deleted.
- Access to audit log data must be limited based on the principle of least privilege.
Inline with the OWASP Logging Guidance, System Owners are responsible for determining what constitutes “critical information system activity” in their respective system based on their experience and professional judgement; such activity is then documented either in the handbook or a runbook, whichever is found to be appropriate. Audit logging process must created and implemented by the department(s) or team(s) responsible for a given system.
Exceptions
Exceptions to this policy will be tracked as per the Information Security Policy Exception Management Process.