LogLogic Podcasts

Log Management Insights Podcast

Automating IT controls and Compliance

Looking at IT Controls from Sox and PCI compliance to COBIT: CEO of LogLogic, Andy Lark, talks about how log management and intelligence can assist a business with real time risk mitigation and regulatory compliance.

Listen Now

Show Notes:

COBIT is a controls and compliance policy. SOX and PCI are regulatory mandates. When you get an audit for SOX or PCI compliance, you need to prove that you have policies and function in place and you need evidence. You need to be able to show that you have polices and procedures in place.

Log data is vital in compliance. Andy talks about the attributes of a good log management and intelligence system:

• Agile reporting
• Standardized reporting packages – SOX or PCI compliance that map back to real world compliance controls
• Ability to rapidly search vast amounts of log data
• Secure storage
• Maintaining the chain of custody

“We believe that log management and intelligence plays a critical role in a company’s compliance efforts – not just from the point of view of attesting to and asserting that you are in compliance with IT controls but a part of ongoing real-time risk mitigation and compliance strategy.”

“Organizations that have become serious about compliance have moved from using log management and intelligence as a rear view mirror forensics exercise to real time alerts and reporting so you can attest to your controls. They’re using IT controls and log management to manage business risks and support business decisions.”