3.  Log monitoring – Are the security event logs secured and monitored to detect anomalous
                       activity?

                   Stakeholders such as senior management and the board require assurance that information
                   technology controls, including managing access to IT resources, are well designed and
                   effectively implemented.









































































                   3 — theiia.org