PCI Requirement 10.5.2 – Protect Audit Trail Files from Unauthorized Modifications
Description: Learn more at https://kirkpatrickprice.com/video/pc...
PCI Requirement 10.5.2 requires organizations to protect audit trail files form unauthorized modifications. What would an unauthorized modification look like? Audit trails contain all the correct information about events and incidents in critical systems, so malicious individuals will often seek to modify audit trails to hide their actions. What would an authorized modification look like? If an approved individual in an organization finds unencrypted cardholder data or Social Security numbers in a log, they may want to modify the log to encrypt this sensitive data.
During an assessment for PCI Requirement 10.5.2, an assessor may look for a situation where an individual would need to modify an audit trail file, examine the access controls, and review the modification approval process. An assessor really wants to verify that those who shouldn’t or don’t have access to audit trail files actually don’t have access to them.
More Free Resources
White Papers: https://kirkpatrickprice.com/white-pa...
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks.
For more about KirkpatrickPrice: https://kirkpatrickprice.com/
Contact us today: 800-770-2701 https://kirkpatrickprice.com/contact/