SOC 2 Academy: Performing Daily Log Reviews

Author: kirkpatrickprice00

Description: Learn more at

Effectively monitoring an organization’s systems is critical to ensuring that no malicious outsider or insider gains unauthorized access to areas or assets. To combat the threat of malicious hackers, we suggest that organizations start by performing daily log reviews. By having personnel who are strictly responsible for performing daily log reviews, organizations will be better equipped to locate any anomalies occurring in their environment, analyze those anomalies, and take the proper measures to mitigate them.
Far too often, we have seen data breaches in the headlines that could easily have been prevented if the organization had been performing daily log reviews. A prime example is Panera Bread. In August 2017, a security researcher reported a vulnerability to Panera Bread, but the claim was dismissed. Apparently, Panera Bread didn’t even take the claim seriously enough to look into it, because eight months later, the bakery-cafe announced a data breach of their website that exposed thousands of customer records. If Panera Bread had personnel dedicated to performing daily log reviews, they could’ve identified the vulnerability on their own and remediated the problem before any of the clients’ data was put at greater risk. So, if you’re going to pursue SOC 2 compliance, make sure that your organization has processes in place for performing daily log reviews. Not only will it allow you to keep your security posture strong, but it will also demonstrate to your clients that you’re dedicated to keeping their data secure.

About Us
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks.

Contact us today: 800-770-2701