IT-i9002 Log Data Retention for Information Technology Services

Effective Date: 2015-01-01

1.0 Overview

Data is oftentimes stored in logs for the purposes of troubleshooting computer or network problems, or to provide audit trails of activity.

2.0 Purpose

This policy defines the standard log file retention policies for Information Technology Services.

3.0 Scope

This policy applies to all system administrators in charge of servers operated by the IT department that collect log data.

4.0 Policies

Log data that is collected for the purposes of auditing or diagnosing computer or network issues will be retained for 4 weeks.

Log data must be set aside and preserved when a legal request is made by a law enforcement agency. Log data will not be handed over until a legal court order or subpoena is served to collect the data.

Backing up log data is not required, but a system administrator may do so at their discretion.