LOG-6 Usage Monitoring

What is this control really about?

This control is about using a monitoring tool to collect, analyze, predict and report on system usage and identify performance issues.

This control is helpful when an organization wants a control that focuses on performance on their systems, such as demonstrating that the system is available according to the stated SLA.

This is not mandatory.

Available tools in the marketplace

The following listing is “crowdsourced” from our customer base or from external research. TrustCloud does not personally recommend any of the tools below, because we haven’t personally used them. 

Available templates

• N/A template for this section

What is required to implement this control?

The implementation of a monitoring tool is required and the following should be included:

• Configuring performance indicators (CPU, disk, memory usage, etc..)
• Enabling a threshold for alert notifications
• Set up an alert notification in case the threshold are met
• Restricting the access to the log

What evidence is the auditor looking for?

• Provide screenshot of the monitoring tool dashboard showing the performance indicators
• Provide screenshot of the alert notification threshold
• Provide screenshot of the alert notification

An example of what an artifact can look like

1. Provide a screenshot of the centralized tool dashboard showing the various systems connected to it and feeding it logs.

Example shows the dashboard and the performance  being tracked:

source

2. Provide a screenshot of the alert notification threshold.

Evidence shows the alert notification configuration demonstrating who will be alerted

3. Provide a screenshot of the alert notification.

Example of alert notification