CyFun Tracker
PR.PT-1Key Measure

Audit/log records are determined, documented, implemented, and reviewed

Protect · Protective Technology

Fully Automated

Compliance Score

96%

Compliant

Documentation Maturity

4/ 5
x

Target: 2.5

Implementation Maturity

4/ 5
x

Target: 2.5

Control Description

Logging is enabled on all critical systems. Log records include sufficient detail (who, what, when, where). Logs are reviewed regularly and retained according to policy.

Microsoft Graph API Endpoints Used

GET /auditLogs/directoryAuditsGET /auditLogs/signIns

Required Permissions

AuditLog.Read.All
Remediation Guidance

Ensure Unified Audit Logging is enabled in Microsoft 365. Configure audit log retention (minimum 90 days, 1 year recommended). Enable sign-in logs and directory audit logs. Establish a weekly log review process.