Key Security Events for ISO 27001:2013 Compliance

Account Logon
Credential Validation
The computer attempted to validate the credentials for an account
Kerberos Authentication Service
Kerberos pre-authentication failed
This event generates every time Key Distribution Center issues a Kerberos Ticket Granting Ticket (TGT).
Kerberos Service Ticket Operations
A Kerberos service ticket was requested
Account Management
Security Group Management
A member was added to a security-enabled local group
A member was added to a security-enabled global group
A member was added to a security-enabled universal group
User Account Management
A user account was changed
A user account was deleted
A user account was disabled
An attempt was made to reset an account's password
A user account was enabled
A user account was created
A user account was locked out
A user account was unlocked
Detailed Tracking
Process Creation
A new process has been created
An account was successfully logged on
Logon, Account Lockout
An account failed to log on
Other Logon/Logoff Events
A replay attack was detected
The workstation was locked
The workstation was unlocked
The screen saver was invoked
The screen saver was dismissed
Policy Change
Authentication Policy Change
Domain Policy was changed
System security access was removed from an account
System security access was granted to an account
Authorization Policy Change
A user right was removed
A user right was assigned
Other System Events
The audit log was cleared

Are you compliant?

Check your audit settings now


Audit Policy Requirements

Category Subcategory Audit Type
Policy Change Authentication Policy Change Success
Policy Change Authorization Policy Change Success
Account Logon Credential Validation Success, Failure
Account Logon Kerberos Authentication Service Failure
Account Logon Kerberos Service Ticket Operations Success, Failure
Logon/Logoff Logon Success
Logon/Logoff Logon, Account Lockout Failure
Logon/Logoff Other Logon/Logoff Events Success
System Other System Events Success
Detailed Tracking Process Creation Success
Account Management Security Group Management Success
Account Management User Account Management Success