PCI-10.5.6:
Verify the following via inquiry of the system administrator and review of file permissions:
- Obtain security policies and procedures and determine that they include procedures to review security logs at least daily, and that follow-up to exceptions is required.
- Through observation and interviews, determine that regular log reviews are performed for all system components.