IT-i9002 Log Data Retention for Information Technology Services
Effective Date Jan 1, 2018
Data is oftentimes stored in logs for the purposes of troubleshooting computer or network problems, or to provide audit trails of activity.
This policy defines the standard log file retention policies for Information Technology Services.
This policy applies to all system administrators in charge of servers operated by the IT department that collect log data.
Log data that is collected for the purposes of auditing or diagnosing computer or network issues will be retained for 4 weeks.
Log data must be set aside and preserved when a legal request is made by a law enforcement agency. Log data will not be handed over until a legal court order or subpoena is served to collect the data.
Backing up log data is not required, but a system administrator may do so at their discretion.