IT Security Logging Standard
Application
This standard applies to all IT users whether at the University or elsewhere, and refers to all IT resources.
Purpose
This standard serves to regulate the collection and retention of logging information and log data in the University environment. Generally, the purpose of collecting logs is to anticipate and avert significant threats or hazards to IT resources, or to determine the nature of actions that have occurred where an investigation is required.
Standards
1. IT resources may be monitored by authorised members of Digital Services, or authorised third parties contracted on behalf of Digital Services.
2. Logs are kept secure and are only available to authorised IT users and will only be kept as long as necessary, in line with current data protection guidelines.
3. Logs will be retained for as long as required by applicable law or the University’s data retention and disposal guidelines.
4. IT resources may be monitored and logged for all lawful purposes including:
- tracking the flow of network traffic.
- facilitating and improving capacity planning
- identifying areas for improvement, including provision of teaching and learning facilities
- maintaining good availability of network bandwidth
- ensuring use of resources is authorised
- management of systems
- protecting against unauthorised access
- ensuring system security
- compliance with University policies and regulations and any other appropriate regulations all IT users must comply with
- avoiding or mitigating legal liabilities and complying with legal obligations
- preventing and detecting crime
- recording the date/time of transactional based events
Definitions
The following definitions apply to this document:
Authorised IT User refers to an IT user who has been given permission to access the requested data by the Chief Information Security Officer or Chief Digital Officer.
IT resources refers to any University owned or operated hardware or software and the data that is used or stored on it.
IT user means any member of the University community using IT resources.
University means the University of Auckland and includes all subsidiaries.
University community includes all staff members (whether permanent, temporary or part time), honorary staff, students (whether full time or part time), contractors, subcontractors, consultants, alumni, associates, business partners or official visitors or guests of members of the University or UniServices.
Key relevant documents
Include the following:
Document management and control
Owned by: Chief Information Security Officer
Content manager: Chief Information Security Officer
Approved by: Chief Digital Officer
Date approved: 20 January 2023
Review date: 20 January 2026