| It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Audit processing failures include, software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded.
Organizations must define audit failure events requiring an alarm. When those defined events occur, the mobile operating system must provide a real-time alert to the mobile device management server. By warning the mobile device management server that an audit failure event occurred, appropriate personnel and processes can take corrective action. The mobile operating system should also notify the user in the event intermittent network connectivity is causing the audit failure event.
Rationale for non-applicability: a Mobile Operating System does not have a persistent connection; some parts of the Operating System are not always active, and thus cannot perform real-time checks. |
