This guide describes how to implement the LogRhythm SOX Compliance Automation Suite. This suite provides pre-bundled Investigations, Alarms, and Reports that are designed for the COBIT-5 framework as applied to the associated Sarbanes-Oxley Act of 2002 objectives. In addition, this guide shows how to meet SOX compliance regulations using the LogRhythm Investigations, Tails, Alarms, and Reports. The suite is designed to be dynamic as your organization’s compliance and security posture mature and adapt.
After you configure the automation suite, the LogRhythm Platform Manager will include the components needed to augment SOX compliance efforts. Alarms, Investigations, and Reports are automatically associated with the correct SOX environment classifications and user lists. You can then schedule Reports for periodic generation and delivery, or generate them on demand. Established reporting packages allow you to organize pertinent log data associated with a desired audience. To identify areas of non-compliance in real time, you can leverage Investigations and Alarms for immediate analysis of activities that impact your organization's cardholder data systems.
This guide is intended for LogRhythm SIEM administrators and analysts who are responsible for maintaining compliance with SOX. Weekly, daily, and monthly Reporting Packages can be established to provide forensic evidence and audit data for distribution to the appropriate audiences. These audiences include Security Operations, Security Management, IT Operations, Audit, and Executive.
This module adds to an existing LogRhythm deployment, as follows:
- 24 AI Engine Rules
- 74 Investigations
- 19 Lists
- 85 Summary Reports and 76 Detail Reports
- 5 Reporting Packages
The SOX Compliance automation suite is designed to work with the LogRhythm AI Engine.
Overview of Steps
This guide is divided into the following sections: