What is the minimum log retention period specified in requirement 10.7?

The minimum log retention period specified in requirement 10.7 is one year, with the stipulation that three months of logs must be immediately available for analysis. This requirement emphasizes the importance of maintaining security logs for a sufficient duration to support forensic investigations and compliance checks. Retaining logs for one year allows organizations to detect and respond to security incidents that may not be immediately apparent, as well as to review patterns over time.

The additional requirement for three months of logs to be readily available ensures that a portion of the logging data can be quickly accessed for real-time analysis or investigation purposes, which is crucial following a security event. This balancing act between retention and accessibility is designed to facilitate effective incident response while still adhering to data governance practices and compliance needs.