ISO 27789-2021.docx

INTERNATIONA1.STANDARDISO27789editionSecond2021-10Hea1.thinformatics-Audittrai1.sfore1.ectronichea1.threcordsInformatiquedeI1.istonque(TeXPertisedesdossiersdesantinfbrmatissCOPYRIGHTPROTECTEDDOCUMENT©ISO2021IUirhM*hedbdi1.iUedotherwiseupdhi.o啪InyM1.tta0Dmk<nroni(ncm11ni10tf1.*Mqn1.C6pW11opypMRationmaytheinternetoranintranet,withoutpriorwrittenpermission.PermissioncanberequestedfromeitherISOattheaddressbe1.oworISO'smemberbodyintheCOU1.Uryoftherequester.f),WV>fifiU81.andonnet8CH-1214Vernier,GenevaPhone：M1.22749O1.11觥曲ite：图洲跳触OQrgPub1.ishedinSwitzer1.andContentsForeword5.1.3Unambiguous.5.2.1ofGovernance7.2.2Event.一117.37.2.5identification7.3.3User7.4AccessNetworkidentification157.5.2OverviewParticipantOverview22187.6.5 Participantobjectdatatypecyc1.eiiiIntroductionviScope1Normativereferences1TermsanddefinitionsAbbrcviatedtcrms5Requirementsandusesofauditdata5.1Ethica1.andforma1.requirements511Genea1.7.6.6 Accesspo1.icyidentificationofinformationsystemusers7.6.7 Userro1.es67.6.8 Secureauditrecords6Usesauditdataandsupervision7.6.9 Subjectsofcareexercisingtheirrights.77.6.10 Evidenceandretentionrequirements7Triggcrevents76.1 Genera1."6.2 Detai1.softheeventtypesandtheircontents8Access86.2.2ovntstothepeAuditrecorddetai1.s8Thegenera1.recordformat8Triggereventidentification106.2.1 IDactioncode7.2.3 EventdateandUme.117.2.4 Eventoutcomeindicator12UserEventtypecode7.3.1 User1.I)127.3.2 A1.ternativeuserJD137.3.4 isnamerequestor1.1.2 Ro1.e1.D137.3.6 Pu)oseofuse147.4.1 pointaccesspointtypecode7.4.2 NetworkaccesspointII)167.5Auditsourceidentification167.5.1 AuditenterprisesiteID7.5.3 Auditsource1.D177.5.4 Auditsourcetypecode177.6.1 objectidentification7.6.2 Participantobjecttypecode197.6.3 Partidpantobjecttypecodero1.e197.6.4 ID1.ifecodeandrecordentry1.ifecyc1.eevents7.6.6 ParticipantobjectPermissionPoIicySet237.6.8 ParticipantobjectIDsensitiviiy7.6.9 PartidnantObkJC1.name*.24.24.一238Auditrecordsforindividua1.events258.125n8.2Ouorvevont<.267/Securemanagementofauditdata289.1Securitvconsiderations289.2Securingtheavai1.abi1.ityoftheauditsystem289.3Recontithercqofirtonendixyandintegrityofaudittrai1.s299.5Accesstoauditdata29Annex A (informative)Auditscenarios30Annex B (informative)Audit1.ogservices36Bib1.iography45Forewordthrough(1.SOmittees.workofPreparingbody1.ntemationa1.Standardsisnorma1.1.ytechnica1.e1.ectrotechnica1.standardization.Internationa1.E1.ectrotechnica1.Commission(IEC)ona1.1.mattersofdescribedtypesOf1.SO/IECdOCUmentSshou1.dbePartiCUIar,documentWasapprova1.accordancewiththeAttcntionrigh1.s.drawnsha1.1.notpossibi1.ityresponsib1.cforidentifyinganythisdOcumen1.patentrights,subjectofconstitutenameendorsement,documentisinformationgivenfortheconvenienceofusersanddoesnotexpressionsre1.ated11ganization(WTO)assessment,asinwe1.1.asinformationBarrierstoTradeadherenceseewithdocumentwasCommitteeStandardizationISO/TCTechnica1./nbrntc5zCENTCco1.1.aborationrevised.secondeditioncance1.sandrep1.acesthefirstedition(ISO27789:2013),whichhasbeentechnica1.1.y-harmonizationbetweenauditrecordformatandDICOMformat;reviewofthechartin-Annex-;comp1.ete1.istingquestionsbodiesthiscandocumentWWWstandardsbody.AISO(theInternationa1.OrganizationforStandardization)isawor1.dwidefederationofnationa1.standardsbodiesmemberbodies).TheEachmemberinterestedinsubjectforwhichcarriedOUtcommitteehasbeenestab1.ishedhastherighttoberepresentedonthatcommittee.Internationa1.organizations,governmenta1.andnongovernmenta1.,in1.iaisonwithISO,a1.sotakepartinthework.ISOco1.1.aboratesc1.ose1.ywiththeTheproceduresusedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenancearedifferentintheDirectives,Part1.Innotud.ThiSthediffunm1.draftedincriteriaforeditoria1.ru1.esoftheISO/IECDirectives,Part2(seewww.iso.org/direc1.ives).patentISOtothebehe1.dthatsomethee1.ementsofora1.1.suchmaybetheDetai1.sanypatentrightsidentifiedduringthedeve1.opmentCehawi1.1.beintheIntroductionand/orontheISO1.istofpatentdec1.arationsreceived(secwww.iso.org/patents).AnytradeusedinthisForanexp1.anationofthevo1.untarynatureofstandards,themeaningofISOspecifictermsandtheWor1.dTradeconformityprincip1.esCheTechnicaIaboutISO,s(TBT)1towww.iso.org/iso/foreword.htm1.ThistheEuropeanpreparedbyforTechnica1.Committee(CEN)215rHeakhComni1.1.cein251,Hea1.thinformatics,inaccordancewiththeAgreementontechnica1.cooperationbetweenISOandCEN(ViennaAgreement).ThisThemainchangesareasfo1.1.ows:reviewofthecontentinAnnexA;bib1.iographyupdate.Anyfeedbackoroftheseonbefoundatshou1.ddirecteduser's.Introduction