HIPAA
- 164.308 (A) (3) (II) (A) - Implement procedures for the authorization and/or supervision of workforce members who work with electronic protected health information or in locations where it might be accessed.
- 164.308 (A) (1) (II) (D) / 164.312 (B) - Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports. Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
- 164.308 (A) (4) / 164.308 (A) (1) - Implement policies and procedures to prevent, detect, contain, and correct security violations (unauthorized changes).
- 164.308 (A) (5) (II) (C) - Procedures for monitoring log-in attempts and reporting discrepancies.
- 164.308 (A) (4) (C) - Implement policies and procedures that, based upon the entity's access authorization policies, establish, document, review, and modify a user's right of access to a workstation, transaction, program, or process.
- 164.306 (A) (1) - Ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity or business associate creates, receives, maintains, or transmits.
PCI DSS
PCI DSS Reports for controls including Sections:
- 8.2.5 - Immediately revoke access for any terminated users. Data displayed shows the list of terminated users in the organization.
- 8.2.6 - Remove/disable inactive user accounts within 30 days. Data displayed shows users who have not been authenticated for at least 30 days.
- 8.3.4 - Limit repeated access attempts by locking out the user ID. Data displayed shows all users who have made consecutive failed password attempts and whose accounts are locked.
- 8.3.5 - Set passwords/passphrases for first-time use and upon reset to a unique value for each user, and change immediately after the first use. The report displays users who have not changed their passwords after first login.
- 8.6.3 - Change user passwords/passphrases at least once every 30 days. The report displays users who have not changed their passwords in the past 30 days.
- 10.2.1.1 - Implement automated audit trails for all individual user access to cardholder data. Data displayed here shows all logins (successful/failed) to cardholder data assets. This report also displays all object access by individual users to cardholder data.
- 10.2.1.2 - Implement automated audit trails for all actions taken by any individual with root or administrative privileges. Data displayed shows all actions performed by users with root or administrative privileges.
- 10.2.1.4 - Implement automated audit trails for invalid logical access attempts. Data displayed shows all unsuccessful login attempts.
- 10.3.2 - Implement automated audit trails for initialization, stopping, or pausing of the audit logs. This report displays instances of audit logs cleared and devices that have stopped sending logs.
NIST
NIST Reports for controls including Sections:
- (AU-3 A.12.4.1*) (AU-5 A.12.7.1) - Audit of file operations (who did what) together with the operation status.
- (AC-2 A.9.2.1, A.9.2.2, A9.2.3, A9.2.5, A.9.2.6) - Information related to system account operations.
- (AC-7 9.4.2) - Information related to failed login attempts.
- (AC-11 A.11.2.8, A.11.2.9) - Information related to user session lock/unlock activities.
- (AC-17 A.6.2.1, A6.2.2, A.13.1.1, A.13.2.1, A.14.2.1 IA-2 9.2.1, AI-4 A.9.2.1) - Information related to user logins from a remote site.
- (IA-5 A.9.2.1, A.9.2.4, A.9.3.1, A.9.4.3, IA-8 A.9.2.1) - Information about object file access attempts by a privileged user and the status of that operation.
Essential 8
Support for Essential 8 Maturity Model including:
- Scheduled, automated asset discovery.
- Scheduled vulnerability assessment scans with regularly updated feeds.
- Central, protected event logging.
- Event analysis and reporting.