IBM Champions

Hi All,

I'm sure this question must have been asked many times before, but can I ask it again.

Is there any any guidance anywhere on SMF records, what type of records must be maintained and for how long {does this need to be kept}.

- UK
- Finance

How long the information is retained? 
How must it be maintained? {Audit proof archive}

Is there an Audit compliance requirement? {certain data types, for duration}


I can find lots of information on capturing SMF data and types, I am curious about what data needs to be retained and for how long

Is there any legal guidance I can read around this?

Hi!

 Well in the EU we will shortly be getting the DORA coming into effect and then you must store even more stuff for even longer. Back a few years was GDPR of course and before that Sarbanes-Oxley and the rest of the Personal Data audit requiremnets.

The ROT I use is: save everything about access, updates and select from critical data for as long as you can but a minium of seven years. Same is true for any attempted logons, user id changes (Think SET CURRENT SQLID or Translation here!). All about Roles etc.

Most of the console messages and any use or abuse of encryption. 

Basically a huge amount of data. The good news is you can simply offload down to a PC in corner and "leave it there" until an Auditor requests the data..

just my 0.02

Hi All,

I'm sure this question must have been asked many times before, but can I ask it again.

Is there any any guidance anywhere on SMF records, what type of records must be maintained and for how long {does this need to be kept}.

- UK
- Finance

How long the information is retained? 
How must it be maintained? {Audit proof archive}

Is there an Audit compliance requirement? {certain data types, for duration}


I can find lots of information on capturing SMF data and types, I am curious about what data needs to be retained and for how long

Is there any legal guidance I can read around this?

Hi Roy!

Thank you for the speedy and helpful response.

I will bookmark this as this is one of the best takes on SMF usage and retention I have seen.

Hi!

 Well in the EU we will shortly be getting the DORA coming into effect and then you must store even more stuff for even longer. Back a few years was GDPR of course and before that Sarbanes-Oxley and the rest of the Personal Data audit requiremnets.

The ROT I use is: save everything about access, updates and select from critical data for as long as you can but a minium of seven years. Same is true for any attempted logons, user id changes (Think SET CURRENT SQLID or Translation here!). All about Roles etc.

Most of the console messages and any use or abuse of encryption. 

Basically a huge amount of data. The good news is you can simply offload down to a PC in corner and "leave it there" until an Auditor requests the data..

just my 0.02

Hi All,

I'm sure this question must have been asked many times before, but can I ask it again.

Is there any any guidance anywhere on SMF records, what type of records must be maintained and for how long {does this need to be kept}.

- UK
- Finance

How long the information is retained? 
How must it be maintained? {Audit proof archive}

Is there an Audit compliance requirement? {certain data types, for duration}


I can find lots of information on capturing SMF data and types, I am curious about what data needs to be retained and for how long

Is there any legal guidance I can read around this?