How to meet Security Logging Standards?
The primary objective with this collection of Best Practices is to ensure individual accountability and to enable investigation and collection of evidence for incidents, such as access violations, malware, and intrusion attacks, and fraud.
The secondary objective is to provide evidence of compliance against legal requirements and internal as well as external demands.
Relevance of Security Logging Standards for SAP
Fulfilment of Information Security Standards is valid for all Business Applications and IT Infrastructure owned or used by organizations classified with MEDIUM, HIGH or ENTERPRISE criticality level.
SAP along with other business applications containing personal data, confidential or strictly confidential information needs to be able to use logging to enable detection of application logic tampering and data breach investigations.
Creating Business Intelligence
The Recommended Best Practices can provide business intelligence to an organization by
- Giving more in-depth insight into “what” has occurred
- Providing full security monitoring
- Enabling detailed visibility into access to personal data on SAP
- Supporting GDPR compliance