The organization must be aware of the logs that accrue from the use of different data systems, whether generating the logs is the responsibility of the organization or the system provider. Logs record user actions as well as anomalies, errors, and security incidents.
The adequacy of log should be reviewed regularly. If necessary, log should be usable to determine the root causes for system incidents.