SYSTEM MONITORING EVENT MONITORING POLICY
Document Identification |
HSNZ/POL/17 |
|
Document Name |
Firewall Policy |
|
Master Copy |
CISO |
|
Version Number |
1.3 |
|
Date Of Release |
15 Aug 2023 |
|
Prepared By |
Eparama Tuibenau |
CISO |
Approved by |
Kevin McAfee |
Managing Director |
VERSION HISTORY
Sl No |
Version No. |
Prepared by |
Approved by |
Description of Version |
Date |
Reason for Version Change |
|
From |
To |
||||||
1 |
1.0 |
- |
CISO |
MD |
First Release |
14 Apr 2020 |
No changes made |
1 |
1.0 |
1.1 |
CISO |
MD |
Updated |
26 Jun 2021 |
Modifications due to changes in HealthSafe |
1 |
1.1 |
1.2 |
CISO |
MD |
Reviewed |
28 Jul 2022 |
Annual review |
1 |
1.2 |
1.3 |
CISO |
MD |
Reviewed |
15Aug 2023 |
Annual review |
DOCUMENT STATUS
Date |
Document Status |
14 Apr 2020 |
Modified |
26 Jun 2021 |
Reviewed |
28 Jul 2022 |
Reviewed |
15 Aug 2023 |
Current |
Table of Contents
1 Purpose
2 Scope
3 Input
4 Output
5 Interacting Process
6 Abbreviations, Acronyms and Definitions
7 Procedure
8 Monitoring the Process
9 Records
- PURPOSE
The purpose of this document is to establish and maintain a policy for system monitoring and event monitoring for HealthSafe NZ. - SCOPE
These procedures apply to all aspects of system monitoring and event monitoring. - ABBREVIATIONS, ACRONYMS AND DEFINITIONS
Abbreviation |
Description |
HR |
Human Resources |
TL/PM |
Team Lead / Project Manager |
CISO |
Chief Information Security Officer |
4 INPUT
All laptops, tablets, and servers
5 OUTPUT
To ensure all systems are strictly adhered to the procedures
6 INTERACTING PROCESS
All users
7 PROCEDURE
The following logs will be checked regularly for signs of problems, issues on a regular basis by the IT team and will be reported to the CISO accordingly.
- WAF logs
- Antivirus logs
- System error logs
- Data backup and recovery logs
- User access and privilege logs
- Capacity planning reports
Logs shall include:
- User IDs;
- Dates, times and details of key events;
- Records of successful and rejected system access attempts;
- Changes to system configuration;
- Privileges;
- Use of system utilities and applications;
- IP address attempted access;
- Server resource activity logs
- Any security issues discovered will be reported to the CISO for follow-up investigation.
8 Monitoring the Process
- IT team will monitor the adherence of procedure through BitNinja dashboard, Slack notifications, and AWS Security Hub
9 Records
- AWS Security Hub
- BitNinja Dashboard
- CRM ticket logging
- Slack notifications