Protective Monitoring for HMG ICT Systems provides a framework for treating risks to systems, and includes guidance for configuring and collecting ICT log information in order to provide an audit trail of security relevant events of interest. These guidelines were put in place to provide security administrators and other IT professionals with an audit trail of relevant security- and operations-related events on their network. The 12 Protective Monitoring Controls (PMC) within GPG-13 describe specific requirements that an organization must meet in everyday practice as well as in audit situations. These requirements can help an organization in IT forensics, incident response and management, and maintaining the integrity of their individual enterprise.
The tables in this whitepaper outline how LogRhythm supports requirements of the GPG-13 Protective Monitoring Controls. They also describe the capabilities LogRhythm provides that directly meet or augment support for GPG-13 compliance objectives.