Escolar Documentos
Profissional Documentos
Cultura Documentos
Req. ID
SS 1.1
Functionality
Tracking key
system
accesses
Description
Criticality
The system must be capable of generating Essential
log trails, which contain details about any
read / write access to sensitive data. Details
must relate activity to an identifiable person.
They must be configurable, so that filters and
switches can be used to lower
performance overheads and focus on areas of
concern. It is important that the audit trail that
is generated contain enough information to
support after-the- fact investigation of loss or
impropriety.
SS 1.2
Time-stamp
Where equipment uses a real-time clock to
Essential
based auditing timestamp audit and other time related events,
method
the clock should be regularly checked for
synchronization with both connected systems
and reference clock outside of the system, in this
case the Indian Standard time. For daily
reporting, this would ensure that the reports
generated have some sanity given continuous
data input
SS 1.3
Exception
reporting
Vital
SS 1.4
Detailed
System and application use and attempted use
Essential
system access will be monitored to ensure that the integrity and
tracking
maintained. The documented process shall
include details of: who will monitor what event
and how, the frequency of monitoring, what to do
when suspicious activity is noted, when to
escalate and the escalation path. All events
logged in the audit data shall be taken into
account when deciding what to audit and the
appropriate actions to take. The log must record
the user or process responsible for the event,
terminal ID where available, and the date and
time of the event The following shall be
monitored :-
SS 1.4 a
Essential
SS 1.4 b
SS 1.4 c
Essential
SS 1.4 d
Essential
SS 1.4 e
Essential
SS 1.4 f
Essential
SS 1.4 g
Essential
SS 2.2
Version
consistency
checks
SS 2.7
SS 5.1
SS 5.2
SS 5.3
Startup
Developers will document instructions for the Vital
documentation secure start-up, re-start and operation of the
system.
SS 5.5
Scope control
SS 5.6
Software
A mechanism for controlling software changes
Essential
change control during development shall be implemented. This
mechanism shall as a minimum ensure that : a)
The change is reviewed by appropriate groups
prior to authorization, b) Changes are properly
authorized prior to implementation, c) All
change requests are logged. d) All associated
documentation is altered along with the
software change. e) Version control records are
maintained.
Essential
SS 5.8
Module and
All new and modified software to be used on
Essential
product testing system/application shall first be tested by expert
personnel to ensure that the software have been
subjected to the rigor of test and thereby - a)
Does not introduce added security risks b)
Functions according to design specifications c)
Does not adversely affect the operation of the
system d) Introduces no unauthorized
system changes.
SS 6.1
XML based
Web security
schemas
m Security
Status
TPIEA-IT Remarks
Utility Remarks
Partially In MDAS meter reading logs are
Available generated however no such audit
trails logs are generated
Partially
In MDAS, GIS there is no option
Available for enabling and disabling of the
audit trails