PCI 10:
Jump to navigation
Jump to search
Requirement 10: Track and monitor all access to network resources and cardholder data.
- Logging mechanisms and the ability to track user activities are critical. The presence of logs in all environments allows thorough tracking and analysis when something does go wrong. Determining the cause of a compromise is very difficult without system activity logs.
- PCI-10.2 Implement automated audit trails to reconstruct the following events, for all system components:
- PCI-10.3 Record at least the following audit trail entries for each event, for all system components:
- PCI-10.5 Secure audit trails so they cannot be altered, including the following:
- An audit history usually covers a period of at least one year, with a minimum of 3 months available online.
--Mdpeters 11:27, 7 July 2006 (EDT)