Audit Logging Sample Clauses

Audit Logging. Vendor shall: Ensure that the following system events are recorded to one or more audit logs in real time: All logins (including standard user, admin user, and service accounts); Account administration: account create, delete, modify permissions, change password, etc.; and Supervisor/Administrator changes to system parameters including security settings and audit logging parameters. Ensure that each audit log event shall comprise at least the following information: Date; Time, down to resolution of at least one second; IP and/or username; Activity description; and Success or failure. Retain audit logs for at least one year. Make the audit logs available to the Customer via an automated process e.g. export from an admin dashboard, syslog, sftp, Splunk forwarder, etc.

Audit Logging. Supplier shall produce audit logs recording user activities, exceptions, and information security events and keep them for an agreed period to assist in future investigations and access control monitoring. Retention for audit logs shall be specified by Supplier and retained accordingly.

Audit Logging. Audit logging shall be enabled on systems that contain Customer Content to capture at a minimum the security-related events define below: i. Account logon (both successful and unsuccessful) and logoff ii. Failed access attempts iii. Account lockouts

Audit Logging. Vendor will implement and maintain hardware, software, and/or procedural mechanisms that record and examine activity in Vendor Systems that contain or use electronic information, including appropriate logs and reports concerning the security requirements set forth in this SPE DP & Info Sec Rider and compliance therewith.

Audit Logging. SCHIO represents and warrants that the System and Services shall automatically record and log access to H&SSI by any person, through any portion of the system, and will upon reasonable notice, provide Participant with reports showing the following with respect to each such access: • Date/time of patient record access • Unique username of accessing person • Name of accessing person and identifying initials (RN, MD, RT, etc.) associated with the username • Specific data elements/fields accessed • Duration of access • Patient name • Patient MRN • Patient DOB • IP address used to access the record • Record of any platform-based printing activity (e.g., excluding screen grabs). In addition, SCHIO shall, upon reasonable notice, and upon Participant’s request, promptly make available to Participant’s personnel access to all of the foregoing audit logs and related information pertaining to access to or use of H&SSI.

Audit Logging. The system shall log all real-time updates and supervisory overrides to compliance status including user ID, data, time, etc., before and after values.

Audit Logging. 1. Vendor shall: a. Ensure that the following system events are recorded to one or more audit logs in real time: i. All logins (including standard user, admin user, and service accounts); ii. Account administration: account create, delete, modify permissions, change password, etc.; and iii. Supervisor/Administrator changes to system parameters including security settings and audit logging parameters. b. Ensure that each audit log event shall comprise at least the following information: i. Date; ii. Time, down to resolution of at least one second; iii. IP and/or username; iv. Activity description; and v. Success or failure. c. Retain audit logs for at least one year. d. Make the audit logs available to the Customer via an automated process e.g. export from an admin dashboard, syslog, sftp, Splunk forwarder, etc.

Audit Logging. Corporate Standard Procedure for Identification and Authorization of Users of IT Systems Corporate Standard Classification and Control of Information Logging of the entry, change and erasure of data Traceability of the entry, change and erasure of data through unique usernames (not user groups) Assignment of rights for the entry, change and erasure of data based on an authorization concept Creating an overview showing which data can be entered, changed and deleted with which applications Maintaining forms from which data is taken over in automated processing Other: Corporate Manual Security Guidelines for Databases - 3.4.6 Data Integrity Specifications for the measures:

Audit Logging. Audit logging shall be enabled on systems that contain Customer Content to capture at a minimum the security-related events defined below: (i) Account logon (both successful and unsuccessful) and logoff; (ii) Failed access attempts; (iii) Account lockouts; (iv) Elevation of privileges (both successful and unsuccessful), and every use of elevated privileges or actions taken while privilege is elevated; (v) Creation, modification and deletion (both successful and unsuccessful) of: (a) Accounts or logon identifiers; (b) Group memberships; (c) Access privileges/attributes for Accounts and groups; (d) User rights and permissions. (vi) Changes in account or logon identifier status (both successful and unsuccessful); (vii) Modifications to, or unauthorized attempts to modify, the security configuration, security function or authorization policy.