IT Baseline Protection Manual S 5.25 Using transmission and reception logs

-->

S 5.25 Using transmission and reception logs

Initiation responsibility: IT Security Management

Implementation responsibility: IT Security Management, Fax Officer

Lists of enacted transmissions (journals) compiled automatically by the fax machine are to be printed out regularly. Specifications must be made as to who will be responsible for the printouts, how long they are to be kept , and how sample checks for irregularities are to be carried out on them. The requirements of the Federal Data Privacy Laws are to be observed here. In particular, access by unauthorised persons should be prevented.

A fax record listing the senders and recipients of fax message should also be kept. Optionally, a fax book showing incoming calls can also be kept.

Another possibility of checking becomes available if the fax machine is connected to a modern telecommunications facility. This makes it possible, for example, to evaluate the charge-data records of the fax subscriber number in the telecommunications system (cf. S 2.40 Timely involvement of the staff/factory council).

Additional controls:

Are the transmission and reception lists checked?

How are these lists archived?

Do users have access to the lists?

© Copyright by
Bundesamt für Sicherheit in der Informationstechnik last update:
Januar 2000
home