Version: 1.2

Approved By: Richard D’Lonesteen

Created at: 12/09/2023

1. Purpose

This policy establishes the requirements for the logging and monitoring of events related to the security and operation of ChattyAI. The objectives are to:

• Ensure the integrity, availability, and confidentiality of system logs.
• Detect and respond promptly to security incidents and operational issues.
• Comply with legal, regulatory, and contractual obligations.
• Uphold personal privacy and data protection standards.

2. Scope

This policy applies to all event logs generated by SaaS applications, underlying infrastructure, network devices, and any supporting services managed by ChattyA. It encompasses:

• All employees, contractors, consultants, temporary staff, and any other personnel with access to these systems.
• All systems and devices, whether on-premises or hosted in the cloud, that process or store company or customer data.

3. Definitions

• Event Logging: Recording of events, transactions, or messages generated by applications, systems, or network devices.
• Access Control: Mechanisms that restrict access to logs based on user identity and assigned privileges.
• Administrator and Operator Logs: Logs specifically related to the activities performed by system administrators and operators.
• Clock Synchronization: Alignment of time settings across all systems to ensure consistent timestamping.
• Centralized Logging: Aggregation of logs from multiple sources into a single, centralized repository for analysis.