Security information and event management system

Security information and event management system

The Office of the Auditor General of Canada required security information and event management technology to replace its existing technology and meet the policy requirements established by the Government of Canada.

Security information and event management technology supports threat detection and security incident response through the collection and analysis of security events from a variety of event and data sources. It also supports compliance reporting and incident investigation through analysis of historical data from these sources.

None of the security information and event management logs collected or outputs (reports or alerts) are shared with any external suppliers or vendors. We deployed the solution on our premises, with no external hosting.

The only time that this type of information is shared with an external organization is in specific cases such as security breaches. In this case, some information may be shared with external parties to coordinate efforts or support an investigation. An approval must first be granted for such disclosures.