L1 Essential | Automated verification

10.1 Security Event Logging

10. Monitoring & Response: How do we detect and respond?

Description

All security-relevant events MUST be logged with sufficient detail.

Rationale

Without logging, security incidents go undetected and uninvestigated.

Audit Procedure

1. Verify logging is enabled
2. Check log content includes required fields
3. Verify security events are captured

Remediation

1. Enable structured logging
2. Send to centralized SIEM
3. Set retention per compliance

Framework Mappings

CIS Control 8.2, CIS Control 8.5, NIST DE.CM-1, NIST PR.PT-1