← Glossary·Security

Audit Logging

SOC 2ISO 27001PCI DSSHIPAASOX

Tamper-resistant recording of security-relevant events for monitoring, investigation, and evidence.

Audit logging is the recording of security-relevant events — authentication, authorisation, privileged actions, configuration changes, data access — in a tamper-resistant, time-synchronised store retained for an appropriate period (typically 1 year hot, 7 years cold for regulated industries).

Why it matters
Logs without integrity controls (WORM, cryptographic hashing) and without monitoring are insufficient. PCI DSS 10 is the most prescriptive standard on log content and retention.

Related terms

SIEM
Platform aggregating, correlating, and alerting on security log data across an environment.
Change Management
Documented process for approving, testing, and deploying changes to production systems.

Does your program actually cover Audit Logging?

Run a free ComplianceIQ audit against SOC 2 and we'll surface every gap on this — and the other controls auditors flag — with the exact clause references to fix.

Free SOC 2 auditBack to glossary