LogRhythm Support for ISO 27001

ISO (International Organization for Standardization) Standard 27001 provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an ISMS (Information Security Management System) within the context of the organization’s overall business risks. These published guidelines cover many areas surrounding “access control”, “audit and accountability”, “incident response”, and “system and information integrity”.

The collection, management, and analysis of log data are integral to meeting many ISO 27001 guidelines. The use of LogRhythm directly meets some recommendations and decreases the cost to meet others. IT environments consist of heterogeneous devices, systems, and applications—all reporting log data. Millions of individual log entries can be generated daily, if not hourly. The task of organizing this information can be overwhelming. The additional recommendations of analyzing and reporting on log data render manual processes or homegrown remedies inadequate and cost prohibitive for many organizations.

LogRhythm collects logs continuously and real-time in the organizational IT environment. The logs are normalized, analyzed and presented in the LogRhythm Dashboard for real-time review. Alarms are activated on critical events that will cause immediate and direct notification to the administration. Reports and investigations for compliance are available at all times. Example Reports:

  • System Critical And Error Conditions

  • Alarm And Response Activity

  • Usage Auditing Activity Summary 

Download LogRhythm and 3rd Party Whitepapers