19
Just realized my old mentor was right about incident response logs
He told me to stop summarizing and write down every single action with timestamps, and after a breach audit last month I saw why - my vague notes almost got us fined. Anyone else have a piece of criticism that made you totally rework your process?
2 comments
Log in to join the discussion
Log In2 Comments
paulc9311d ago
Huh, I don't know man. It feels a bit overblown to me. Like yeah, logs are important but getting fined over vague notes? That sounds like a company looking for someone to blame more than a real risk. I've worked at places where the auditors just wanted to see that something was written down and they moved on. Maybe your mentor is just super strict or your compliance team is extra paranoid. I'm not saying it's wrong to be detailed, but acting like one summary note can get you in legal trouble seems like a stretch. Unless you're in some super regulated industry where they audit every line, I think people overthink this stuff.
4
jason56211d ago
Three years at a fintech shop changed my mind on this @paulc93. I used to think the same thing until a single log entry cost us a $50k fine. The issue isn't auditors looking for something written down, its regulators reading your notes in court. A vague summary that says "investigated issue" with no timestamp or what you actually did can look like a cover up. Our compliance team told us thats how they prove you knew about a problem and didn't take it seriously. You dont need every line audited, just the ones that show up in a lawsuit. And trust me, one bad note can make you the scapegoat.
3