《ISO 27789-2021.docx》由会员分享,可在线阅读,更多相关《ISO 27789-2021.docx(41页珍藏版)》请在第壹文秘上搜索。
1、INTERNATIONA1.STANDARDISO27789editionSecond2021-10Hea1.thinformatics-Audittrai1.sfore1.ectronichea1.threcordsInformatiquedeI1.istonque(TeXPertisedesdossiersdesantinfbrmatissCOPYRIGHTPROTECTEDDOCUMENTISO2021IUirhM*hedbdi1.iUedotherwiseupdhi.o啪InyM1.tta0DmkfifiU81.andonnet8CH-1214Vernier,GenevaPhone:M
2、1.22749O1.11觥曲ite:图洲跳触OQrgPub1.ishedinSwitzer1.andContentsForeword5.1.3Unambiguous.5.2.1ofGovernance7.2.2Event.一117.37.2.5identification7.3.3User7.4AccessNetworkidentification157.5.2OverviewParticipantOverview22187.6.5 Participantobjectdatatypecyc1.eiiiIntroductionviScope1Normativereferences1Termsan
3、ddefinitionsAbbrcviatedtcrms5Requirementsandusesofauditdata5.1Ethica1.andforma1.requirements511Genea1.7.6.6 Accesspo1.icyidentificationofinformationsystemusers7.6.7 Userro1.es67.6.8 Secureauditrecords6Usesauditdataandsupervision7.6.9 Subjectsofcareexercisingtheirrights.77.6.10 Evidenceandretentionre
4、quirements7Triggcrevents76.1 Genera1.6.2 Detai1.softheeventtypesandtheircontents8Access86.2.2ovntstothepeAuditrecorddetai1.s8Thegenera1.recordformat8Triggereventidentification106.2.1 IDactioncode7.2.3 EventdateandUme.117.2.4 Eventoutcomeindicator12UserEventtypecode7.3.1 User1.I)127.3.2 A1.ternativeu
5、serJD137.3.4 isnamerequestor1.1.2 Ro1.e1.D137.3.6 Pu)oseofuse147.4.1 pointaccesspointtypecode7.4.2 NetworkaccesspointII)167.5Auditsourceidentification167.5.1 AuditenterprisesiteID7.5.3 Auditsource1.D177.5.4 Auditsourcetypecode177.6.1 objectidentification7.6.2 Participantobjecttypecode197.6.3 Partidp
6、antobjecttypecodero1.e197.6.4 ID1.ifecodeandrecordentry1.ifecyc1.eevents7.6.6 ParticipantobjectPermissionPoIicySet237.6.8 ParticipantobjectIDsensitiviiy7.6.9 PartidnantObkJC1.name*.24.24.一238Auditrecordsforindividua1.events258.125n8.2Ouorvevont;.267/Securemanagementofauditdata289.1Securitvconsiderat
7、ions289.2Securingtheavai1.abi1.ityoftheauditsystem289.3Recontithercqofirtonendixyandintegrityofaudittrai1.s299.5Accesstoauditdata29Annex A (informative)Auditscenarios30Annex B (informative)Audit1.ogservices36Bib1.iography45Forewordthrough(1.SOmittees.workofPreparingbody1.ntemationa1.Standardsisnorma
8、1.1.ytechnica1.e1.ectrotechnica1.standardization.Internationa1.E1.ectrotechnica1.Commission(IEC)ona1.1.mattersofdescribedtypesOf1.SO/IECdOCUmentSshou1.dbePartiCUIar,documentWasapprova1.accordancewiththeAttcntionrigh1.s.drawnsha1.1.notpossibi1.ityresponsib1.cforidentifyinganythisdOcumen1.patentrights
9、,subjectofconstitutenameendorsement,documentisinformationgivenfortheconvenienceofusersanddoesnotexpressionsre1.ated11ganization(WTO)assessment,asinwe1.1.asinformationBarrierstoTradeadherenceseewithdocumentwasCommitteeStandardizationISO/TCTechnica1./nbrntc5zCENTCco1.1.aborationrevised.secondeditionca
10、nce1.sandrep1.acesthefirstedition(ISO27789:2013),whichhasbeentechnica1.1.y-harmonizationbetweenauditrecordformatandDICOMformat;reviewofthechartin-Annex-;comp1.ete1.istingquestionsbodiesthiscandocumentWWWstandardsbody.AISO(theInternationa1.OrganizationforStandardization)isawor1.dwidefederationofnatio
11、na1.standardsbodiesmemberbodies).TheEachmemberinterestedinsubjectforwhichcarriedOUtcommitteehasbeenestab1.ishedhastherighttoberepresentedonthatcommittee.Internationa1.organizations,governmenta1.andnongovernmenta1.,in1.iaisonwithISO,a1.sotakepartinthework.ISOco1.1.aboratesc1.ose1.ywiththeTheprocedure
12、susedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenancearedifferentintheDirectives,Part1.Innotud.ThiSthediffunm1.draftedincriteriaforeditoria1.ru1.esoftheISO/IECDirectives,Part2(seewww.iso.org/direc1.ives).patentISOtothebehe1.dthatsomethee1.ementsofora1.1.suchmaybetheDetai1.sanypatentrig
13、htsidentifiedduringthedeve1.opmentCehawi1.1.beintheIntroductionand/orontheISO1.istofpatentdec1.arationsreceived(secwww.iso.org/patents).AnytradeusedinthisForanexp1.anationofthevo1.untarynatureofstandards,themeaningofISOspecifictermsandtheWor1.dTradeconformityprincip1.esCheTechnicaIaboutISO,s(TBT)1to
14、www.iso.org/iso/foreword.htm1.ThistheEuropeanpreparedbyforTechnica1.Committee(CEN)215rHeakhComni1.1.cein251,Hea1.thinformatics,inaccordancewiththeAgreementontechnica1.cooperationbetweenISOandCEN(ViennaAgreement).ThisThemainchangesareasfo1.1.ows:reviewofthecontentinAnnexA;bib1.iographyupdate.Anyfeedbackoroftheseonbefoundatshou1.ddirectedusers.Introduction
