Frequently Asked Question

Can you provide clarification for logging/audit trail per PCI DSS requirements 10.2.5 and 10.2.6?

PCI DSS requirement 10.2.5 requires organizations to log the use of and changes to identification and authentication mechanisms. These mechanisms include activities such as creation of new accounts and elevation of privileges, and all changes, additions, or deletions to accounts with root or administrative access.

PCI DSS requirement 10.2.6 requires organizations to log each instance where the audit log is initialized (started), stopped, or paused, to ensure a malicious user is not covering his/her actions or events by interfering with logging functions.
Last updated: May 2014
Originally published: April 2012
Article Number: 1033

Featured FAQ Articles