Working Draft - IAF-1400
Abstract
The Kantara Initiative Identity Assurance Work Group (IAWG) was formed to foster adoption of identity trust services. The primary deliverable of the IAWG is the Identity Assurance Framework (IAF), which is comprised of many different documents that detail the levels of assurance and the certification program that brings the Framework to the marketplace. The IAF is comprised of a set of documents that includes an Overview publication, the IAF Glossary, a summary Assurance Levels document, and an Assurance Assessment Scheme (AAS), which encompasses the associated assessment and certification program, as well as several subordinate documents, among them the Service Assessment Criteria (SAC), which establishes baseline criteria for general organizational compliance, identity proofing services, credential strength, and credential management services against which all CSPs will be evaluated. The present document describes the Service Assessment Criteria component of the IAF, including setting out the Assurance Levels.
The latest versions of each of these documents can be found on Kantara’s Identity Assurance Framework - General Information web page.
Notice
This document has been prepared by Participants of Kantara Initiative. Permission is hereby granted to use the document solely for the purpose of implementing the Specification. No rights are granted to prepare derivative works of this Specification. Entities seeking permission to reproduce portions of this document for other uses must contact Kantara Initiative to determine whether an appropriate license for such use is available.
Implementation or use of certain elements of this document may require licenses under third party intellectual property rights, including without limitation, patent rights. The Participants of and any other contributors to the Specification are not and shall not be held responsible in any manner for identifying or failing to identify any or all such third party intellectual property rights. This Specification is provided "AS IS," and no Participant in Kantara Initiative makes any warranty of any kind, expressed or implied, including any implied warranties of merchantability, non-infringement of third party intellectual property rights, and fitness for a particular purpose. Implementers of this Specification are advised to review Kantara Initiative’s website (http://www.kantarainitiative.org/) for information concerning any Necessary Claims Disclosure Notices that have been received by the Kantara Initiative Board of Trustees.
- 4 COMMON ORGANIZATIONAL SERVICE ASSESSMENT CRITERIA
- 4.1.1 Enterprise and Service Maturity
- 4.1.2 Notices and User information
- 4.1.3 Not used
- 4.1.4 Not used
- 4.1.5 Not used
- 4.1.6 Not used
- 4.1.7 Secure Communications
- 4.1.8 Enterprise and Service Maturity
- 4.1.9 Notices and User Information/Agreements
- 4.1.10 Information Security Management
- 4.1.11 Security-relevant Event (Audit) Records
- 4.1.12 Operational infrastructure
- 4.1.13 External Services and Components
- 4.1.14 Secure Communications
- 4.1.15 Enterprise and Service Maturity
- 4.1.16 Notices and User Information
- 4.1.17 Information Security Management
- 4.1.18 Security-Relevant Event (Audit) Records
- 4.1.19 Operational Infrastructure
- 4.1.20 External Services and Components
- 4.1.21 Secure Communications
- 4.1.22 Enterprise and Service Maturity
- 4.1.23 Notices and Subscriber Information/Agreements
- 4.1.24 Information Security Management
- 4.1.25 Security-Related (Audit) Records
- 4.1.26 Operational Infrastructure
- 4.1.27 External Services and Components
- 4.1.28 Secure Communications
- 5 OPERATIONAL SERVICE ASSESSMENT CRITERIA
- 5.1.1 Part A - Credential Operating Environment
- 5.1.1.1 Not used
- 5.1.1.2 Security Controls
- 5.1.1.3 Storage of Long-term Secrets
- 5.1.1.4 Not used
- 5.1.1.5 Subject Options
- 5.1.2 Part B - Credential Issuing
- 5.1.3 Part C - Credential Renewal and Re-issuing
- 5.1.4 Part D - Credential Revocation
- 5.1.4.1 Not used
- 5.1.4.2 Not used
- 5.1.4.3 Secure Revocation Request (AL1_CM_SRR#010 Submit Request)
- 5.1.5 Part E - Credential Status Management
- 5.1.6 Part F - Credential Validation/Authentication
- 5.1.7 Part A - Credential Operating Environment
- 5.1.8 Part B - Credential Issuing
- 5.1.8.1 Identity Proofing Policy
- 5.1.8.2 Identity Verification
- 5.1.8.3 In-Person Public Verification
- 5.1.8.4 Remote Public Identity Verification
- 5.1.8.5 Current Relationship Identity Verification
- 5.1.8.6 Affiliation Identity Verification
- 5.1.8.7 Secondary Identity Verification
- 5.1.8.8 Identity Verification Records
- 5.1.8.9 Credential Creation
- 5.1.8.10 Subject Key Pair Generation
- 5.1.8.11 Credential Delivery
- 5.1.9 Part C - Credential Renewal and Re-issuing
- 5.1.10 Part D - Credential Revocation
- 5.1.11 Part E - Credential Status Management
- 5.1.11.1 Status Maintenance
- 5.1.12 Part F - Credential Validation/Authentication
- 5.1.12.1 Assertion Security
- 5.1.13 Part A - Credential Operating Environment
- 5.1.14 Part B - Credential Issuing
- 5.1.14.1 Identity Proofing Policy
- 5.1.14.2 Identity Verification
- 5.1.14.3 In-Person Public Identity Verification
- 5.1.14.4 Remote Public Identity Verification
- 5.1.14.5 Current Relationship Identity Verification
- 5.1.14.6 Affiliation Identity Verification
- 5.1.14.7 Secondary Identity Verification
- 5.1.14.8 Identity Verification Records
- 5.1.14.9 Credential Creation
- 5.1.14.10 Subject Key Pair Generation
- 5.1.14.11 Credential Delivery
- 5.1.15 Part C - Credential Renewal and Re-issuing
- 5.1.16 Part D - Credential Revocation
- 5.1.17 Part E - Credential Status Management
- 5.1.17.1 Status Maintenance
- 5.1.18 Part F - Credential Validation/Authentication
- 5.1.18.1 Assertion Security
- 5.1.19 Part A - Credential Operating Environment
- 5.1.20 Part B - Credential Issuing
- 5.1.20.1 Identity Proofing Policy
- 5.1.20.2 Identity Verification
- 5.1.20.3 In-Person Public Identity Verification
- 5.1.20.4 Remote Public Identity Verification
- 5.1.20.5 Affiliation Identity Verification
- 5.1.20.6 Secondary Identity Verification
- 5.1.20.7 Identity Verification Records
- 5.1.20.8 Credential Creation
- 5.1.20.9 Subject Key Pair Generation
- 5.1.20.10 Credential Delivery
- 5.1.21 Part C - Credential Renewal and Re-issuing
- 5.1.22 Part D - Credential Revocation
- 5.1.23 Part E - Credential Status Management
- 5.1.23.1 Status Maintenance
- 5.1.24 Part F - Credential Validation/Authentication
- 5.1.24.1 Assertion Security
- 7 SAC v2.0 to SAC v3.0 CRITERIA MAPPING
1 INTRODUCTION
Kantara Initiative formed the Identity Assurance Work Group (IAWG) to foster adoption of consistently managed identity trust services. The IAWG's objective is to create a Framework of baseline policy requirements (criteria) and rules against which identity trust services can be assessed and evaluated. The goal is to facilitate trusted identity federation and to promote uniformity and interoperability amongst identity service providers, with a specific focus on the level of trust, or assurance, associated with identity assertions. The primary deliverable of IAWG is the Identity Assurance Framework (IAF).
The IAF specifies criteria for a harmonized, best-of-breed, industry-recognized identity assurance standard. The IAF is a Framework supporting mutual acceptance, validation, and life cycle maintenance across identity federations. It is composed of a set of documents that includes an Overview publication, the IAF Glossary, a summary document on Assurance Levels, and an Assurance Assessment Scheme (AAS) document, supported by Rules governing Assurance Assessments (RAA), which defines the associated assessment and certification program, as well as several subordinate documents. The present document, subordinate to the AAS, describes the Service Assessment Criteria component of the IAF.
The latest versions of each of these documents can be found on Kantara’s Identity Assurance Framework - General Information web page.
Assurance Levels (ALs) are the levels of trust associated with a credential as measured by the associated technology, processes, and policy and practice statements controlling the operational environment. The IAF defers to the guidance provided by the U.S. National Institute of Standards and Technology (NIST) Special Publication 800-63 version 1.0.1 [NIST800-63-1] which outlines four levels of assurance, ranging in confidence level from low to very high. Use of ALs is determined by the level of confidence or trust (i.e. assurance) necessary to mitigate risk in the transaction.
The Service Assessment Criteria part of the IAF establishes baseline criteria for general organizational compliance, identity proofing services, credential strength, and credential management services against which all credential service providers (CSPs) will be evaluated. The IAF initially focuses on baseline identity assertions and will evolve to include attribute- and entitlement-based assertions in future releases. The IAF will also establish a protocol for publishing updates, as needed, to account for technological advances and preferred practice and policy updates.
Changes in this revision
The principal reason for the changes in this revision is to permit greater flexibility in the combination of Service Components and Full Service Provision, and to identify the specific criteria within the SAC with which Service Components must comply.
Specifically:
a) The merging of the Credential Management (CM)-SAC and the Identity (ID)-SAC into a single grouping, the Operational (OP)-SAC (i.e. Operational Criteria). The OP-SAC facilitates the flexible allocation of criteria to specific components of a full service;
b) Placing of the Organizational (CO)-SAC and the OP-SAC into their own discrete first-level sections, thus making them more distinct;
c) Restructuring of the functional criteria by placing them into contiguous sets for each Assurance Level, making it easier for developers, service operators and assessors to access and apply the criteria applicable to the Assurance Levels for which they have chosen to seek certification;
d) Requirement for certain OP-SAC Part A criteria to be Mandatory for all Component Service applicants;
e) Consistency in the use of ‘Subscriber’ and ‘Subject’;
f) Appropriate revisions to other text within this doc to reflect and consistently deal with the points above;
g) Clear statement that the requirements of this document are normative within the IAF.
In the course of these revisions the opportunity has been taken to perform incidental tidy-up where the originally-drafted language no longer reflects practice or terminology.
Excepting where text has been moved within the document and is otherwise unchanged, all revisions between v2.0 and v3.0 are shown with a grey background.
2 ASSURANCE LEVELS
The IAF has adopted four Assurance Levels (ALs), based on the four levels of assurance posited by the U.S. Federal Government and described in OMB M-04-04 [M-04-04] and NIST Special Publication 800-63-1 [NIST800-63-1]. These are further described in the Identity Assurance Framework: Levels of Assurance document, which can be found on Kantara’s Identity Assurance Framework - General Information page.
3 SERVICE ASSESSMENT CRITERIA - GENERAL
Context and Scope
The Service Assessment Criteria (SAC) are developed and maintained by the Identity Assurance Work Group (IAWG) as part of its Identity Assurance Framework. These criteria set out the requirements for credential services and their identity providers at all assurance levels within the Framework. They identify the specific requirements, at each Assurance Level (AL), with which service providers must comply and against which they must be assessed by Kantara-Accredited Assessors. They are divided into two parts:
1) Organizational Criteria:
These criteria address the general business and organizational compliance of services and their providers. They are generally referred to as the ‘CO-SAC’;
2) Operational Criteria:
These criteria address operational compliance of credential management services and the necessary functions which they embrace. They are generally referred to as the ‘OP-SAC’.
Criteria Applicability
Any Full Service Provider applying for certification under the Identity Assurance Framework (IAF) must comply with all criteria (i.e. CO-SAC and OP-SAC, at the applicable level).
Each Service Component supporting, or included as a part of, a Full Service Provider offering must comply with the CO-SAC and a defined sub-set of OP-SAC clauses which fall within the component’s scope. The Full Service Provider retains the responsibility to ensure each requirement is met.
These criteria have been approved under the IAWG’s governance rules as suitable for use by Kantara-Accredited Assessors in the performance of their assessments of credentialing services for which a CSP is seeking Kantara certification.
In the context of the Identity Assurance Framework, the status of this document is normative. An applicant’s credential service shall comply with all applicable criteria within these SAC at their requested AL(s).
This document describes the specific criteria that must be met to achieve each of the four ALs under the IAF. To be certified under the IAF Identity Assurance Program and be granted the right to use the Kantara Initiative Trust Mark, credential services must conform to all applicable criteria at the appropriate level.
Status and Readership
This document establishes normative Kantara requirements and is required reading for Kantara-Accredited Assessors and applicant Service Providers. It will also be of interest to those wishing to gain a detailed knowledge of the workings of the Kantara Initiative’s Identity Assurance Framework. It establishes the Service Assessment Criteria with which credential service providers must comply in order to be granted Kantara certification.
The description of criteria in this document is required reading for all organizations wishing to become Kantara-certified credential services, and also for those wishing to become Kantara-Accredited Assessors. It is also recommended reading for those involved in the governance and day-to-day administration of the Identity Assurance Framework.
This document will also be of interest to those seeking a detailed understanding of the operation of the Identity Assurance Framework but who are not actively involved in its operations or in services that may fall within the scope of the Framework.
Criteria Descriptions
The Service Assessment Criteria are organized by AL. Subsections within each level describe the criteria that apply to specific functions. The subsections are parallel. Subsections describing the requirements for the same function at different levels of assurance have the same title.
Each criterion includes three components: a unique alphanumeric tag, a short name, and the specific criterion (or criteria) associated with the tag. The tag provides a unique reference for each criterion that assessors and service providers can use to refer to that criterion. The name identifies the intended scope or purpose of the criterion.
The criteria are described as follows (the schematic form is «ALn_CO_ZZZ#999» «name» Criterion ALn; for example, AL1_CO_ESM#010):
- ALn: the assurance level at which this criterion applies.
- CO: an abbreviated prefix for the specific SAC.
- ZZZ: an abbreviation for the topic area to which the criterion relates.
- #999: tag sequence number, originally incremented by 10 to allow insertion once the SAC is first published.
- «name»: short descriptive name.
- Criterion ALn: the actual criterion at a given assurance level, stated as a requirement.
When a given criterion changes (i.e. becomes more rigorous) at higher Assurance Levels the new or revised text is shown in bold or ‘[Omitted]’ is indicated where text has been removed. With the obvious exception of AL1, when a criterion is first introduced it is also shown in bold.
As noted in the above schematic, when originally prepared, the tags had numbers incrementing in multiples of ten to permit the later insertion of additional criteria. Since then there has been addition and withdrawal of criteria.
Where a criterion is not used in a given AL but is used at a higher AL its place is held by the inclusion of a tag which is marked ‘No stipulation’. A title and appropriate criteria will be added at the higher AL which occupies that position. Since in general higher ALs have a greater extent of criteria than lower ALs, where a given AL extends no further through the numbering range, criteria beyond that value are by default omitted rather than being included but marked ‘No stipulation’.
Further, over time, some criteria have been removed, or withdrawn. In order to avoid the re-use of that tag such tags are retained but marked ‘Withdrawn’.
Not only do these editorial practices preserve continuity they also guard against possible omission of a required criterion through an editing error.
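The tag convention just described lends itself to a mechanical check. The following Python is an added example, not code published by Kantara or the IAWG: it parses tags of the form ALn_XX_YYY#nnn and checks the editorial rules above, namely that a number used at a higher AL is held at each lower AL (by a criterion, a ‘No stipulation’ placeholder or a ‘Withdrawn’ marker) up to that lower AL’s highest number, that no tag is duplicated, and that a withdrawn number is never re-used for a new criterion. The sample lines are transcribed from the AL1 and AL2 criteria in Section 4 below. The further check that every number at a lower AL has a counterpart at the next AL is this example’s own reading of “higher ALs have a greater extent of criteria”, not a rule the document states.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Tuple

# ALn_XX_YYY#nnn: assurance level, SAC prefix (e.g. CO), topic abbreviation, sequence number.
TAG_RE = re.compile(r"^AL(?P<level>[1-4])_(?P<sac>[A-Z]{2})_(?P<topic>[A-Z]{2,4})#(?P<seq>\d{3})$")

PLACEHOLDERS = ("No stipulation", "Withdrawn")


@dataclass(frozen=True)
class Criterion:
    level: int
    sac: str
    topic: str
    seq: int
    name: str  # short descriptive name, or one of PLACEHOLDERS

    @property
    def tag(self) -> str:
        return f"AL{self.level}_{self.sac}_{self.topic}#{self.seq:03d}"


def parse_tag(tag: str) -> Tuple[int, str, str, int]:
    m = TAG_RE.match(tag)
    if not m:
        raise ValueError(f"malformed criterion tag: {tag!r}")
    return int(m["level"]), m["sac"], m["topic"], int(m["seq"])


def parse_criteria(lines: List[str]) -> List[Criterion]:
    """Parse 'TAG Short name' lines as they appear in the SAC text."""
    out = []
    for line in lines:
        tag, _, name = line.strip().partition(" ")
        level, sac, topic, seq = parse_tag(tag)
        out.append(Criterion(level, sac, topic, seq, name.strip()))
    return out


def check_numbering(criteria: List[Criterion]) -> List[str]:
    """Return findings; an empty list means the tag sets are editorially consistent."""
    findings: List[str] = []
    # (sac, topic) -> level -> seq -> Criterion
    index: Dict[Tuple[str, str], Dict[int, Dict[int, Criterion]]] = defaultdict(lambda: defaultdict(dict))
    for c in criteria:
        slot = index[(c.sac, c.topic)][c.level]
        if c.seq in slot:
            findings.append(f"duplicate tag {c.tag}")
        slot[c.seq] = c

    for (sac, topic), levels in index.items():
        ordered = sorted(levels)
        for lower, higher in zip(ordered, ordered[1:]):
            max_lower = max(levels[lower])
            # Rule from the text: a number used at the higher AL must be held at the lower AL
            # (criterion, 'No stipulation' or 'Withdrawn') up to the lower AL's highest number.
            for seq in sorted(levels[higher]):
                if seq <= max_lower and seq not in levels[lower]:
                    findings.append(
                        f"AL{lower}_{sac}_{topic}#{seq:03d} missing: AL{higher} uses it, "
                        f"so AL{lower} should hold the place with 'No stipulation'"
                    )
            for seq, low in levels[lower].items():
                high = levels[higher].get(seq)
                if high is None:
                    # Assumption of this example: a higher AL's numbering range is a superset of a lower AL's.
                    findings.append(f"{low.tag} has no counterpart at AL{higher}")
                elif low.name == "Withdrawn" and high.name != "Withdrawn":
                    findings.append(f"withdrawn number {sac}_{topic}#{seq:03d} re-used at AL{higher}")
    return findings


# Constructed input: tag lines transcribed from the AL1 and AL2 criteria in Section 4.
SAC_LINES = [
    "AL1_CO_ESM#010 Established enterprise",
    "AL1_CO_ESM#020 Withdrawn",
    "AL1_CO_ESM#030 Legal & Contractual compliance",
    "AL1_CO_ESM#040 No stipulation",
    "AL1_CO_ESM#050 No stipulation",
    "AL1_CO_ESM#055 Termination provisions",
    "AL1_CO_NUI#010 General Service Definition",
    "AL1_CO_NUI#020 Service Definition inclusions",
    "AL1_CO_NUI#030 Due notification",
    "AL1_CO_NUI#040 User Acceptance",
    "AL1_CO_NUI#050 Record of User Acceptance",
    "AL2_CO_ESM#010 Established enterprise",
    "AL2_CO_ESM#020 Withdrawn",
    "AL2_CO_ESM#030 Legal & Contractual compliance",
    "AL2_CO_ESM#040 Financial Provisions",
    "AL2_CO_ESM#050 Data Retention and Protection",
    "AL2_CO_ESM#055 Termination provisions",
    "AL2_CO_NUI#010 General Service Definition",
    "AL2_CO_NUI#020 Service Definition inclusions",
    "AL2_CO_NUI#030 Due notification",
    "AL2_CO_NUI#040 User Acceptance",
    "AL2_CO_NUI#050 Record of User Acceptance",
    "AL2_CO_NUI#060 Withdrawn",
    "AL2_CO_NUI#070 Change of Subscriber Information",
    "AL2_CO_NUI#080 Withdrawn",
]

if __name__ == "__main__":
    for finding in check_numbering(parse_criteria(SAC_LINES)) or ["consistent"]:
        print(finding)
```

Run against the transcribed AL1 and AL2 tags the checker reports nothing; delete the AL1_CO_ESM#040 placeholder line and it reports exactly the omission the editorial practice is meant to guard against.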
Terminology
All special terms used in this document are defined in the IAF Glossary, which can be found on Kantara’s Identity Assurance Framework - General Information page.
Note that when, in these criteria, the term ‘Subscriber’ is used it applies equally to ‘Subscriber’ and ‘Subject’ as defined in the IAF Glossary, according to the context in which used. The term ‘Subject’ is used when the reference is explicitly toward that party.
4 COMMON ORGANIZATIONAL SERVICE ASSESSMENT CRITERIA
The Service Assessment Criteria in this section establish the general business and organizational requirements for compliance of services and service providers at all Assurance Levels (AL) – refer to Section 2. These criteria are generally referred to elsewhere within IAWG documentation as CO-SAC and can be identified by their tag “ALn_CO_xxxx”.
All applicants for Certification, whether Service Components or Full Service Providers, must comply with these criteria.
Assurance Level 1
4.1.1 Enterprise and Service Maturity
These criteria apply to the establishment of the organization offering the service and its basic standing as a legal and operational business entity within its respective jurisdiction or country.
An enterprise and its specified service must:
AL1_CO_ESM#010 Established enterprise
Be a valid legal entity, and a person with the legal authority to commit the organization must submit the signed assessment application package.
AL1_CO_ESM#020 Withdrawn
Withdrawn
AL1_CO_ESM#030 Legal & Contractual compliance
Demonstrate that it understands and complies with any legal requirements incumbent on it in connection with operation and delivery of the specified service, accounting for all jurisdictions and countries within which its services may be used.
Guidance: ‘Understanding’ is implicitly the correct understanding. Both it and compliance are required because it could be that understanding is incomplete, incorrect or even absent, even though compliance is apparent, and similarly, correct understanding may not necessarily result in full compliance. The two are therefore complementary.
AL1_CO_ESM#040 No stipulation
AL1_CO_ESM#050 No stipulation
AL1_CO_ESM#055 Termination provisions
Define the practices in place for the protection of Subjects' private and secret information related to their use of the service. These practices must ensure the ongoing secure preservation and protection of legally required records, and the secure destruction and disposal of any such information whose retention is no longer legally required. Specific details of these practices must be made available.
Guidance: Termination covers the cessation of the business activities, the service provider itself ceasing business operations altogether, change of ownership of the service-providing business, and other similar events which change the status and/or operations of the service provider in any way which interrupts the continued provision of the specific service.
4.1.2 Notices and User information
These criteria address the publication of information describing the service and the manner of and any limitations upon its provision.
An enterprise and its specified service must:
AL1_CO_NUI#010 General Service Definition
Make available to the intended user community a Service Definition that includes all applicable Terms, Conditions, and Fees, including any limitations of its usage. Specific provisions are stated in further criteria in this section.
Guidance: The intended user community encompasses potential and actual Subscribers, Subjects, and relying parties.
AL1_CO_NUI#020 Service Definition inclusions
Make available a Service Definition for the specified service containing clauses that provide the following information:
a) a Privacy Policy that complies with the Kantara Federal Privacy Policy
AL1_CO_NUI#030 Due notification
Have in place and follow appropriate policy and procedures to ensure that it notifies Users in a timely and reliable fashion of any changes to the Service Definition and any applicable Terms, Conditions, and the required Privacy Policy for the specified service.
AL1_CO_NUI#040 User Acceptance
Require Subscribers and Subjects to:
a) indicate, prior to receiving service, that they have read and accept the terms of service as defined in the Service Definition;
b) at periodic intervals, determined by significant service provision events (e.g. issuance, re-issuance, renewal), re-affirm their understanding and observance of the terms of service;
c) always provide full and correct responses to requests for information.
AL1_CO_NUI#050 Record of User Acceptance
Obtain a record (hard-copy or electronic) of the Subscriber's and Subject’s acceptance of the terms and conditions of service, prior to initiating the service and thereafter at periodic intervals, determined by significant service provision events (e.g. re-issuance, renewal).
4.1.3 Not used
4.1.4 Not used
4.1.5 Not used
4.1.6 Not used
4.1.7 Secure Communications
AL1_CO_SCO#010 No stipulation
AL1_CO_SCO#020 Limited access to shared secrets
Ensure that:
a) access to shared secrets is subject to discretionary controls which permit access only to those roles/applications needing such access;
b) stored shared secrets are not held in their plaintext form unless given adequate physical or logical protection;
c) passwords or secrets transmitted across any public or unsecured network are encrypted, i.e. never sent in plaintext.
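As an added illustration of clause b) of AL1_CO_SCO#020, and not code from the SAC or from any Kantara deliverable: the Python below contrasts a store that keeps a Subscriber's password (a shared secret) exactly as typed with one that keeps only a random salt and an iterated hash, compared in constant time, so that reading the store (a backup, a dump, a log) does not yield the secret. The function names, the PBKDF2 parameters and the sample subject and password are this example's own assumptions; clause c) is not shown, since the choice of a secured channel for transmission (e.g. TLS) lies outside what the snippet can demonstrate.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Union

# Illustrative parameters (an assumption of this example, not values the SAC mandates).
HASH_NAME = "sha256"
PBKDF2_ROUNDS = 600_000
SALT_LEN = 16
DK_LEN = 32


@dataclass(frozen=True)
class StoredVerifier:
    """What the service keeps per Subscriber: a random salt and a slow-hash output, never the secret."""
    salt: bytes
    rounds: int
    digest: bytes


def enroll_plaintext(store: Dict[str, str], subject: str, secret: str) -> None:
    """The practice clause b) forbids: the shared secret is held exactly as the Subscriber typed it."""
    store[subject] = secret


def verify_plaintext(store: Dict[str, str], subject: str, candidate: str) -> bool:
    return store.get(subject) == candidate


def _derive(secret: str, salt: bytes, rounds: int) -> bytes:
    return hashlib.pbkdf2_hmac(HASH_NAME, secret.encode("utf-8"), salt, rounds, dklen=DK_LEN)


def enroll(store: Dict[str, StoredVerifier], subject: str, secret: str) -> StoredVerifier:
    """Keep a verifier, not the secret: a fresh salt per Subscriber defeats precomputed tables."""
    salt = os.urandom(SALT_LEN)
    record = StoredVerifier(salt=salt, rounds=PBKDF2_ROUNDS, digest=_derive(secret, salt, PBKDF2_ROUNDS))
    store[subject] = record
    return record


def verify(store: Dict[str, StoredVerifier], subject: str, candidate: str) -> bool:
    """Recompute the digest from the candidate and compare it to the stored one in constant time."""
    record = store.get(subject)
    if record is None:
        # Do the same amount of work for unknown subjects so timing does not reveal enrolment status.
        _derive(candidate, b"\x00" * SALT_LEN, PBKDF2_ROUNDS)
        return False
    return hmac.compare_digest(_derive(candidate, record.salt, record.rounds), record.digest)


def secret_recoverable(store: Dict[str, Union[str, StoredVerifier]], secret: str) -> bool:
    """Audit check: would someone who reads the store obtain the secret itself?"""
    return any(isinstance(v, str) and v == secret for v in store.values())


if __name__ == "__main__":
    # Constructed sample subject and password for this example.
    password = "correct horse battery staple"
    weak: Dict[str, str] = {}
    enroll_plaintext(weak, "subject-42", password)
    hardened: Dict[str, StoredVerifier] = {}
    enroll(hardened, "subject-42", password)
    print("plaintext store reveals secret:", secret_recoverable(weak, password))
    print("hardened store reveals secret:", secret_recoverable(hardened, password))
    print("hardened verify accepts correct password:", verify(hardened, "subject-42", password))
    print("hardened verify rejects wrong password:", not verify(hardened, "subject-42", password[:-1]))
```

The point for an assessor is the shape of the stored record: if a dump of the store contains the secret itself, clause b) is unmet regardless of how the store is otherwise protected; if it contains only salt, work factor and digest, the remaining question is whether the work factor is adequate for the service.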
Assurance Level 2
4.1.8 Enterprise and Service Maturity
These criteria apply to the establishment of the enterprise offering the service and its basic standing as a legal and operational business entity.
An enterprise and its specified service must:
AL2_CO_ESM#010 Established enterprise
Be a valid legal entity, and a person with legal authority to commit the organization must submit the signed application for certification.
AL2_CO_ESM#020 Withdrawn
Withdrawn
AL2_CO_ESM#030 Legal & Contractual compliance
Demonstrate that it understands and complies with any legal requirements incumbent on it in connection with the operation and delivery of the specified service, accounting for all jurisdictions within which its services may be offered. Any specific contractual requirements shall also be identified.
Guidance: Kantara Initiative will not certify a service which is not fully released for the provision of services to its intended user/client community. Systems, or parts thereof, which are not fully proven and released shall not be considered in an assessment and therefore should not be included within the scope of the application. Parts of systems still under development, or even still being planned, are therefore ineligible for inclusion within the scope of assessment.
AL2_CO_ESM#040 Financial Provisions
Provide documentation of financial resources that support continued operation of the service, and demonstrate appropriate liability processes and procedures that satisfy the degree of liability exposure being carried.
Guidance: The organization must show that it has the financial resources to operate the service for at least a twelve-month period, with a clear review of the budgetary planning within that period so as to keep the budgetary provisions extended. It must also show how it has determined the degree of liability protection required, in view of its exposure per ‘service’ and the number of users it has. This criterion helps ensure that Kantara Initiative does not certify services that are not likely to be sustainable over at least this minimum period of time.
AL2_CO_ESM#050 Data Retention and Protection
Specifically set out and demonstrate that it understands and complies with those legal and regulatory requirements incumbent upon it concerning the retention and destruction of personally identifiable information (PII), personal and business (i.e. its secure storage and protection against loss, accidental public exposure, and/or improper destruction), and the protection of Subjects’ PII against unlawful or unauthorized access, excepting that permitted by the information owner or required by due process.
Guidance: Note that whereas the criterion is intended to address unlawful or unauthorized access arising from malicious or careless actions (or inaction), some access may be unlawful UNLESS authorized by the Subscriber or Subject, or effected as a part of a specifically-executed legal process.
AL2_CO_ESM#055 Termination provisions
Define the practices in place for the protection of Subjects’ PII related to their use of the service. These practices must ensure the ongoing secure preservation and protection of legally required records, and the secure destruction and disposal of any such information whose retention is no longer legally required. Specific details of these practices must be made available.
Guidance: Termination covers the cessation of the business activities, the service provider itself ceasing business operations altogether, change of ownership of the service-providing business, and other similar events which change the status and/or operations of the service provider in any way which interrupts the continued provision of the specific service.
4.1.9 Notices and User Information/Agreements
These criteria apply to the publication of information describing the service and the manner of and any limitations upon its provision, and how users are required to accept those terms.
An enterprise and its specified service must:
AL2_CO_NUI#010 General Service Definition
Make available to the intended user community a Service Definition that includes all applicable Terms, Conditions, and Fees, including any limitations of its usage, and definitions of any terms having specific intention or interpretation. Specific provisions are stated in further criteria in this section.
Guidance: The intended user community encompasses potential and actual Subscribers, Subjects, and relying parties.
AL2_CO_NUI#020 Service Definition inclusions
Make available a Service Definition for the specified service containing clauses that provide the following information:
a) Privacy, Identity Proofing & Verification, and Revocation and Termination Policies;
b) the country in, or legal jurisdiction under, which the service is operated;
c) if different from the above, the legal jurisdiction under which agreements with Subscribers and any relying parties are entered into;
d) applicable legislation with which the service complies;
e) obligations incumbent upon the CSP;
f) obligations incumbent upon the Subscriber/Subject;
g) notifications and guidance for relying parties, especially in respect of actions they are expected to take should they choose to rely upon the service;
h) statement of warranties;
i) statement of liabilities toward Subscribers, Subjects and Relying Parties;
j) procedures for notification of changes to terms and conditions;
k) steps the CSP will take in the event that it chooses or is obliged to terminate the service;
l) availability of the specified service per se and of its help desk facility.
AL2_CO_NUI#030 Due notification
Have in place and follow appropriate policy and procedures to ensure that it notifies Subscribers and Subjects in a timely and reliable fashion of any changes to the Service Definition and any applicable Terms, Conditions, Fees, and Privacy Policy for the specified service, and provide a clear means by which Subscribers and Subjects must indicate that they wish to accept the new terms or terminate their subscription.
AL2_CO_NUI#040 User Acceptance
Require Subscribers and Subjects to:
a) indicate, prior to receiving service, that they have read and accept the terms of service as defined in the Service Definition;
b) at periodic intervals, determined by significant service provision events (e.g. issuance, re-issuance, renewal) and otherwise at least once every five years, re-affirm their understanding and observance of the terms of service;
c) always provide full and correct responses to requests for information.
AL2_CO_NUI#050 Record of User Acceptance
Obtain a record (hard-copy or electronic) of the Subscriber's and Subject’s acceptance of the terms and conditions of service, prior to initiating the service and thereafter at periodic intervals, determined by significant service provision events (e.g. re-issuance, renewal) and otherwise at least once every five years.
AL2_CO_NUI#060 Withdrawn
Withdrawn.
AL2_CO_NUI#070 Change of Subscriber Information
Require and provide the mechanisms for Subscribers and Subjects to provide, in a timely manner and only after the Subscriber's and/or Subject’s identity has been authenticated, full and correct amendments should any of their recorded information change, as required under the terms of their use of the service.
AL2_CO_NUI#080 Withdrawn
Withdrawn.
4.1.10 Information Security Management
These criteria address the way in which the enterprise manages the security requirements of its business, the specified service, and the information it holds relating to its user community. This section focuses on the key components that comprise a well-established and effective Information Security Management System (ISMS), or other IT security management methodology recognized by a government or professional body.
An enterprise and its specified service must:
AL2_CO_ISM#010 Documented policies and procedures
Have documented all security-relevant administrative, management, and technical policies and procedures. The enterprise must ensure that these are based upon recognized standards, published references, or organizational guidelines which are adequate for the specified service, and that they are implemented in the manner intended.
AL2_CO_ISM#020 Policy Management and Responsibility
Have a clearly defined managerial role, at a senior level, in which full responsibility for the business's security policies is vested and from which review, approval, and promulgation of policy and related procedures is applied and managed. The latest approved versions of these policies must be applied at all times.
AL2_CO_ISM#030 Risk Management
Demonstrate a risk management methodology that adequately identifies and mitigates risks related to the specified service and its user community.
AL2_CO_ISM#040 Continuity of Operations Plan
Have, and keep updated, a Continuity of Operations Plan that covers disaster recovery and the resilience of the specified service.
AL2_CO_ISM#050 Configuration Management
Demonstrate that there is a configuration management system in place that at least includes:
a) version control for software system components;
b) timely identification and installation of all organizationally-approved patches for any software used in the provisioning of the specified service.
AL2_CO_ISM#060 Quality Management
Demonstrate that there is a quality management system in place that is appropriate for the specified service.
AL2_CO_ISM#070 System Installation and Operation Controls
Apply controls during system development, procurement, installation, and operation that protect the security and integrity of the system environment, hardware, software, and communications.
AL2_CO_ISM#080 Internal Service Audit
Be subjected, at least once every 12 months, to a first-party audit of the effective provision of the specified service, conducted by an independent internal audit function of the enterprise responsible for the specified service, unless it can show that by reason of its organizational size or other operational restrictions it is unreasonable to be so audited.
Guidance: 'First-party' audits are those conducted by an independent part of the same organization which offers the service. The auditors cannot be involved in the specification, development, or operation of the service.
Using a ‘third-party’ auditor (i.e. one having no relationship with the Service Provider nor any vested interests in the outcome of the assessment other than their professional obligations to perform the assessment objectively and independently) should be considered when the organization cannot easily provide truly independent internal resources but wishes to benefit from the value which audits can provide. This could be accomplished by fulfilling the AL2_CO_ISM#090 requirement on a 12-monthly basis.
AL2_CO_ISM#090 Independent Audit
Be subjected to a third-party audit at least every 24 36 months to ensure the organization's security-related practices are consistent with the policies and procedures for the specified service and the applicable SAC.
Guidance: The appointed auditor should have appropriate accreditation or other acceptable experience and qualification, comparable to that required of a Kantara-Accredited Assessor. It is expected that it will be cost-effective for the organization to use the same Kantara-Accredited Assessor for the purposes of fulfilling this criterion as it does for the maintenance of its grant of Kantara Recognition.
AL2_CO_ISM#100 Audit Records
Retain records of all audits, both internal and independent, for a period which, as a minimum, fulfills the enterprise's legal obligations, or for any greater period to which it has committed in its Service Definition or which is required by any other obligation it has to a Subscriber or Subject, and which in any event is not less than 36 months. Such records must be held securely and be protected against unauthorized access, loss, alteration, public disclosure, or unapproved destruction.
AL2_CO_ISM#110 Withdrawn
Withdrawn.
4.1.11 Security-relevant Event (Audit) Records
These criteria apply to the need to provide an auditable log of all events that are pertinent to the correct and secure operation of the service.
An enterprise and its specified service must:
AL2_CO_SER#010 Security event logging