CIS Controls v8 · Control 8: Audit Log Management
8.1 Establish and maintain an audit log management process
Establish and maintain a documented audit log management process defining the enterprise's logging requirements.
Mapped across 9 provisions
Equivalent and related requirements in other frameworks and regulations.
- ISO 27001EquivalentOfficial mapping
Source: CIS Controls v8 / ISO/IEC 27001
A.8.16 Monitoring activitiesLogging, monitoring & detection
- NIST CSF 2.0EquivalentOfficial mapping
Source: CIS Controls v8 / NIST CSF 2.0
DE.CM-01 Networks and services monitoredLogging, monitoring & detection
- DORAPartialCuratedArt. 10 Detection
Logging, monitoring & detection
- GLBAEquivalentCurated§314.4(c)(8) Monitoring and logging of authorized user activity
Logging, monitoring & detection
- HIPAAEquivalentCurated§164.312(b) Audit controls
Logging, monitoring & detection
- NIST 800-171EquivalentCurated3.3.1 Create and retain audit logs
Logging, monitoring & detection
- NIST 800-53EquivalentCuratedAU-2 Event logging
Logging, monitoring & detection
- PCI DSSEquivalentCuratedReq. 10 Log and monitor all access to system components and cardholder data
Logging, monitoring & detection
- SOC 2EquivalentCuratedCC7.2 Security event monitoring
Logging, monitoring & detection