From Voice Video Policy Security Technical Implementation Guide
Part of SRG-POL-300168
Associated with: CCI-001575
Audit review, analysis, and reporting covers information security-related auditing performed by organizations including, for example, auditing that results from monitoring of account usage, remote access, wireless connectivity, mobile device connection, configuration settings, system component inventory, use of maintenance tools and nonlocal maintenance, physical access, temperature and humidity, equipment delivery and removal, communications at the information system boundaries, use of mobile code, and use of VoIP. Off-loading helps ensure a compromise of the information system being audited does not also result in a compromise of the audit records.
Review the CDR policy and supporting documentation for the CDR storage requirements. The organization must document and store CDRs separate from the Voice Video network elements generating the records. If the organization does not document and store CDRs separate from the Voice Video network elements generating the records, this is a finding.
Develop and document in the CDR policy or supporting documentation that the organization stores CDRs separate from the Voice Video network elements generating the records. Implement the CDR storage separate from the Voice Video network elements generating the records.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer