Security event logging

Explanation: Provide a tamper-resistant audit trail for security-related events, such as software installation, user authentication, and so on).
Vulnerabilities addressed: Addresses accountability by providing an after-the-fact trail for forensic analysis.
Developer resources required: Requires identification of security related event types and implementation of tamper resistant, append-only security event logs.
Evaluator resources required: Requires manual review of identified security related event types and of design and implementation of logging mechanisms and security event generation mechanisms.
Source: www.computer.org