1、INTERNATIONA1.STANDARDISO27789editionSecond2021-10Hea1.thinformatics-Audittrai1.sfore1.ectronichea1.threcordsInformatiquedeI1.istonque(TeXPertisedesdossiersdesantinfbrmatissCOPYRIGHTPROTECTEDDOCUMENTISO2021IUirhM*hedbdi1.iUedotherwiseupdhi.o啪InyM1.tta0DmkfifiU81.andonnet8CH-1214Vernier,GenevaPhone:M
2、1.22749O1.11觥曲ite:图洲跳触OQrgPub1.ishedinSwitzer1.andContentsForeword5.1.3Unambiguous.5.2.1ofGovernance7.2.2Event.一117.37.2.5identification7.3.3User7.4AccessNetworkidentification157.5.2OverviewParticipantOverview22187.6.5 Participantobjectdatatypecyc1.eiiiIntroductionviScope1Normativereferences1Termsan
3、ddefinitionsAbbrcviatedtcrms5Requirementsandusesofauditdata5.1Ethica1.andforma1.requirements511Genea1.7.6.6 Accesspo1.icyidentificationofinformationsystemusers7.6.7 Userro1.es67.6.8 Secureauditrecords6Usesauditdataandsupervision7.6.9 Subjectsofcareexercisingtheirrights.77.6.10 Evidenceandretentionre
4、quirements7Triggcrevents76.1 Genera1.6.2 Detai1.softheeventtypesandtheircontents8Access86.2.2ovntstothepeAuditrecorddetai1.s8Thegenera1.recordformat8Triggereventidentification106.2.1 IDactioncode7.2.3 EventdateandUme.117.2.4 Eventoutcomeindicator12UserEventtypecode7.3.1 User1.I)127.3.2 A1.ternativeu
5、serJD137.3.4 isnamerequestor1.1.2 Ro1.e1.D137.3.6 Pu)oseofuse147.4.1 pointaccesspointtypecode7.4.2 NetworkaccesspointII)167.5Auditsourceidentification167.5.1 AuditenterprisesiteID7.5.3 Auditsource1.D177.5.4 Auditsourcetypecode177.6.1 objectidentification7.6.2 Participantobjecttypecode197.6.3 Partidp
6、antobjecttypecodero1.e197.6.4 ID1.ifecodeandrecordentry1.ifecyc1.eevents7.6.6 ParticipantobjectPermissionPoIicySet237.6.8 ParticipantobjectIDsensitiviiy7.6.9 PartidnantObkJC1.name*.24.24.一238Auditrecordsforindividua1.events258.125n8.2Ouorvevontrmc8以始片隔布脸M躯W曲既麻外辎阁怅I1.hinformationfromthee1.ectronichea
7、1.threcord,otherthanidentifiers,theauditrecordon1.ycontaining1.inkstoEHRsegmentsasdefinedbythegoverningaccesspo1.icy.三ftf6MchspfffttwrftdOfUSePerfOIW崎1品豉哪PIiCatiOmW阳gf小闻tSuppJMystemareconstructionofdata,putersecuritystandardssuchasISO/IEC15408(a1.1.parts)9.scenarios.-AnneM-Bgivesanoverviewofaudit1.o
8、gservices.期刷福网的租用的t姓hisr(Ment.W%Mref融f热为W/a时用eedif1.bna1.1.*噂PIieS.由Wientundatedreferences,the1.atesteditionofthereferenceddocument(inc1.udinganyamendments)app1.ies.ISO27799:2016,Hea1.thinformaticsInformationsecuritymanagementinhea1.thusingIS0/1EC27002ISO8601-1,DateandtimeRepresentationsforinformati
9、oninterchange-Part1:Basicru1.es0TSTeWftiiriitiO11SfbrmtcsTrustedend-to-endinformationf1.owsfif1.JiWngfi1.susSah性曲HWWiQp1.y.thetermsanddefinitionsgiveninISO/TS21089:2018andtheISOandIECmaintaintermino1.ogydatabasesforuseinstandardizationatthefo1.1.owingaddresses:ISOOn1.inebrowsingp1.atform:avai1.ab1.e
10、avh11pswww5eeFgobpIECE1.ectropedia:avai1.ab1.eathttps:/www.e1.ectropedia.org/3.1accesscontro1.meanstoensurethataccesstoassetsisauthorizedandrestrictedbasedonbusinessandsecurityrequirementspgURCE:ISO1EC27000:2018,3.1accesspo1.icyyinitionoftheob1.igationsforauthorizingaccesstoaresourceaccountabi1.ityo
11、b1.igationofanindividua1.ororganizationtoaccountforitsactivities,forcomp1.etionofade1.iverab1.eortask,acceptresponsibi1.ityforthoseactivities,de1.iverab1.esortasks,andtodisc1.osetheresu1.tsinatransparentmanner期RCE:ISO/TS21089:2018,3.3.1agententitythattakesprogrammedactions,suchassoftwareoradeviceggU
12、RCE:ISO/TS21089:2018,3.6.4a1.ert笠掷issentwhenthemonitorservicenoticesthataseriesofeventsmatchesapatternauditindependentreviewandexaminationofrecordsandactivitiestoassesstheadequacyofsystemcontro1.s,toensurecomp1.iancewithestab1.ishedpo1.iciesandoperationa1.procedures,andtorecommendnecessarychangesinc
13、ontro1.s,po1.iciesorprocedures史9URCE:ISO/TS21089:2018,3.20auditarchivegrghiva1.co1.1.ectionofoneormoreaudit1.ogsauditdata妒obtainedfromoneormoreauditrecordsaudit1.oghjgno1.ogica1.sequenceofauditrecords,eachofwhichcontainsdataaboutaspecificeventauditrecord型Hrdofasing1.especificeventinthe1.ifecyc1.eofa
14、ne1.ectronichea1.threcordauditsysteminformationprocessingsystemthatmaintainsoneormoreaudit1.ogs3.12audittrai1.chrono1.ogica1.recordofsystemactivitiesthatissufficienttoenab1.ethereconstruction,reviewingandexaminationofthesequenceofenvironmentsandactivitiessurroundingor1.eadingtoanoperation,aprocedure
15、oraneventinatransactionfromitsinceptiontofina1.resu1.ts更WRCE:GCSTauthenticationprovisionofassurancethatac1.aimedcharacteristicofanentityiscorrectRCE:ISO/IEC27000:2018,3.5authorizationgrantingofrights,whichinc1.udesthegrantingofaccessbasedonaccessrightsRCE:ISO/IEC2382:2015,2126256rmodifiedNotestoent
16、ryde1.eted.)avai1.abi1.itypropertyofbeingaccessib1.eanduseab1.eupondemandbyanauthorizedentityRCE:ISO/iEC27000:2018,3.7Jconfidentia1.itypropertythatinformationisnotmadeavai1.ab1.eordisc1.osedtounauthorizedindividua1.s,entities,orprocessesgOURCE:ISO/IEC27000:2018,3.10coordinateduniversa1.timeUTCtimesc
17、a1.ewhichformsthebasisofacoordinatedradiodisseminationOfstandardfrequenciesandtimesigna1.sNote1entry:UTCnumbertoofseconds,correspondsexact1.yinratewithinternationa1.atomictime,butdiffersfromitbyanintegra1.更9那CE:IEC60050-713:1998.05-20)dataintegritypropertyofdatawhoseaccuracyandconsistencyarepreserve
18、dregard1.essofchangesmade史,JRCE:ISO2382:2015,2126247.modifiedNotestoentryde1.eted.e1.ectronichea1.threcordEHRrepositoryof(organizedsetsof)informationregardingthehea1.thstatusofasubjectofcare,incomputerprocessab1.eformSOURCE:ISO/TR20514:2005,2.11imodifiedTextinparenthesisadded.)e1.ectronichea1.threco
19、rdsegmentEHRsegmentpartofane1.ectronichea1.threcordthatconstitutesadistinctresourcefortheaccesspo1.icy3.21identificationprocessofrecognizingtheattributesthatidentifytheobject融RCE:ISO16678:2014,2.1.7Jidentieroneormorecharactersusedtoidentifyornameadatae1.ementandpossib1.ytoindicatecertainpropertiesof
20、thatdatae1.ement0URCE:ISO!EC2382:2015,2121623informationsecuritypreservationofconfidentia1.ity,integrityandavai1.abi1.ityofinformation炒9RRCE:ISO!EC27000:2018,3.28Jintegritypropertyofaccuracyandcomp1.etenessgggRCE:ISO/IEC27000:2018,3.36objectidentierOIDg1.oba1.1.yuniqueidentifierforaninformationobjec
21、tNerteQdnaenttvndhcdn蟒ntif1.ersU诃imxhHactoutmEtfeobe(i(ttetf)fterws0rifieda(tengSSfcten1.XAbbtractngxNotationOne(ASN.1)definedinISO/IEC8824-1andISO/IEC8824-2.po1.icysetofru1.esre1.atedtoaparticu1.arpurposeNote1toentry:ru1.ecanbeexpressedasanob1.igation,anauthorization,apermissionoraprohibition.f2aRC
22、E:ISO19101-2:2018,modifiedNote1toentryadded)privi1.egeapgcityassignedtoanentitybyanauthorityrecordsmanagementfie1.dofmanagementresponsib1.eforcontro1.ofcreation,receipt,maintenance,useanddispositionofrecords,inc1.udingprocessesforcapturingandmaintainingevidenceofandinformationaboutbusinessactivities
23、andtransactionsintheformofrecords叵2gRCE:ISO15489-1:2016,3.15,modifiedro1.ecompetencesand/orperformancesassociatedwithataskSeciiritypo1.icyp1.anorcourseofactionadoptedforprovidingcomputersecurityPOURCE:ISO/IEC2382:2015,2126246,modifiedNotestoentryde1.eted.3.31sensitivity3.32subjectofcareNote1toentrr:
24、Forexamp1.e,apaiient,c1.ient,customer,orhea1.thp1.anmember.3.33userfunctionsentry:systcmhumanhis/hcrbcha1.f.thcsystemtoissuerequeststoobjectsinordertogetthemtoperform4AbbreviatedtermsEVRequirementsVa1.ueusesofauditdata5.1 Ethica1.andforma1.requirements5.1.1 Genera1.hea1.threcordssubjcctsensuringtheirdocumentingusefindingsessentia1.rcquircmentsRestrictingaccesstoSecureorganizationa1.po1.iciesto1.egis
