Logging is occurring for assets that are important to the delivery of the function, at least in an ad hoc manner
Context and Guidance: Enable logging for important assets. Some activities that may be logged include the actions of persons, objects, and entities when they access and use assets, events that can disrupt delivery of the function, changes to assets that deviate from baseline configurations, unexpected assets connecting to networks, and any unexpected or suspicious activity. This may also include unintentionally powered off, deleted, or "resource exhausted" virtualised assets.
Related Practices • Input From: Implementing ASSET-1a provides input that may be useful for implementing this practice. • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: SITUATION-1a, SITUATION-1b, SITUATION-1c, SITUATION-1d, SITUATION-1f.