PCI-10.5.7:
Jump to navigation
Jump to search
Verify the following via inquiry of the system administrator and review of file permissions:
- Obtain security policies and procedures and determine that they include audit log retention policies and require audit log retention for at least one year.
- For the sample of (insert number and/or description of sample) system components, verify that audit logs are available online or on tape for at least one year.