Table 25: Auditable Events And Auditable Information - Ricoh Gestetner MP 4001 Manual

recorded when any kind of auditable event occurs. Expanded audit information is data recorded for the
generation of auditable events that require additional information for audit. Table 25 shows the audit
information for each auditable event.
If there is insufficient space in the audit log files to append new audit log files, older audit logs (identifiable
by their time and date details) are overwritten with newer audit logs.

Table 25: Auditable events and auditable information

Auditable events
Starting Audit Function (*1)
Ending Audit Function (*1)
Login
Starting Lockout
Releasing Lockout (*2)
Lockout release at TOE startup
HDD encryption key generation
Successful storage of document
data
Successful reading of document
data (*3)
Successful deletion
document data
Receiving fax
Changing user password
(including new creation and
deletion)
Deletion of administrator role
Addition of administrator role
Changing document data ACL
Changing date and time of
system clock
Communication with trusted IT
product
Communication with remote
user
Deletion of entire audit log
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Basic audit information
- Date/time of event
- Types of event (auditable events
in this table)
- Subject identity (*4)
- Outcome
of
Audit logs
Expanded audit information
-
-
-
Locked out user
Locked out user who is to be
released
Release methods (auto Lockout
release/manual Lockout release)
-
-
ID of object document data
ID of object document data
ID of object document data
-
The ID of the user i n the event
of
creation/changing/deletion
another user's
details
-
-
ID of object document data
-
Communication IP address
-
-
-: No applicable expanded audit information
Page 65 of 81
new
of
authentication