Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
    • GP-001 Control of documents
    • GP-002 Quality planning
    • GP-003 Audits
    • GP-004 Vigilance system
    • GP-005 Human Resources and Training
    • GP-006 Non-conformity, Corrective and Preventive actions
    • GP-007 Post-market surveillance
    • GP-009 Sales
    • GP-010 Purchases and suppliers evaluation
    • GP-011 Provision of service
    • GP-012 Design, redesign and development
    • GP-013 Risk management
    • GP-014 Feedback and complaints
    • GP-015 Clinical evaluation
    • GP-016 Traceability and identification
    • GP-017 Technical assistance service
    • GP-018 Infrastructure and facilities
      • Templates
        • T-018-001 Infrastructure list and control plan YYYY_nnn
        • T-018-002 Infrastructure and facilities incidents log
        • T-018-003 Audit Log Review Record
        • T-018-004 Backup verification record YYYY_nnn
      • Specific procedures
    • GP-019 Non-product software validation
    • GP-020 QMS Data analysis
    • GP-021 Communications
    • GP-022 Document translation
    • GP-023 Change control management
    • GP-024 Predetermined Change Control Plan
    • GP-025 Usability and Human Factors Engineering
    • GP-027 Corporate Governance
    • GP-028 AI Development
    • GP-029 Software Delivery and Commissioning
    • GP-030 Cyber Security Management
    • GP-050 Data Protection
    • GP-051 Security violations
    • GP-052 Data Privacy Impact Assessment (DPIA)
    • GP-100 Business Continuity (BCP) and Disaster Recovery plans (DRP)
    • GP-101 Information security
    • GP-200 Remote Data Acquisition in Clinical Investigations
    • GP-026 Market-specific product requirements
    • GP-110 Esquema Nacional de Seguridad
  • Records
  • Legit.Health Plus Version 1.1.0.0
  • Legit.Health Plus Version 1.1.0.1
  • Legit.Health Utilities
  • Licenses and accreditations
  • Applicable Standards and Regulations
  • Pricing
  • Public tenders
  • Procedures
  • GP-018 Infrastructure and facilities
  • Templates
  • T-018-003 Audit Log Review Record

T-018-003 Audit Log Review Record

Review Information​

FieldValue
Review PeriodFrom: YYYY-MM-DD To: YYYY-MM-DD
Review DateYYYY-MM-DD
ReviewerName / JD-XXX
Review Type☐ Semi-annual scheduled ☐ Incident-triggered ☐ Ad-hoc

Log Sources Reviewed​

Log SourceReviewedComments
AWS CloudTrail☐ Yes ☐ No ☐ N/A
Application logs☐ Yes ☐ No ☐ N/A
Database logs☐ Yes ☐ No ☐ N/A
Linux auth logs☐ Yes ☐ No ☐ N/A
Security alerts (GuardDuty/SecurityHub)☐ Yes ☐ No ☐ N/A

Findings Summary​

Failed Authentication Attempts​

Date/TimeSourceUser/ServiceDetailsSeverity
☐ Low ☐ Medium ☐ High

Unusual Access Patterns​

Date/TimeSourceUser/ServiceDetailsSeverity
☐ Low ☐ Medium ☐ High

Unauthorized Resource Access Attempts​

Date/TimeSourceUser/ServiceResourceDetailsSeverity
☐ Low ☐ Medium ☐ High

Other Security Concerns​

Date/TimeSourceDetailsSeverity
☐ Low ☐ Medium ☐ High

Overall Assessment​

Assessment AreaStatusComments
Access controls functioning correctly☐ Yes ☐ No
No unauthorized access detected☐ Yes ☐ No
Compliance with SP-018-001 verified☐ Yes ☐ No
Log retention adequate☐ Yes ☐ No

Actions Taken or Recommended​

Finding ReferenceActionResponsibleDue DateStatus
☐ Open ☐ In Progress ☐ Completed

Non-Conformities Raised​

NC ReferenceDescriptionRelated Finding

Conclusion​

☐ No significant findings - Infrastructure security is adequate
☐ Minor findings documented - Monitoring continues
☐ Significant findings - Actions defined above
☐ Critical findings - Escalated to JD-001/JD-003

Additional Comments:


Record signature meaning​

  • Author: JD-005 Author name
  • Review: JD-004 Reviewer name
  • Approval: JD-001 Approver name

Template signature meaning​

info

Delete this section when you create a new record from this template.

  • Author: JD-004 María Diez
  • Review: JD-005 Alfonso Medela
  • Approval: JD-001 Andy Aguilar
Previous
T-018-002 Infrastructure and facilities incidents log
Next
T-018-004 Backup verification record YYYY_nnn
  • Review Information
  • Log Sources Reviewed
  • Findings Summary
    • Failed Authentication Attempts
    • Unusual Access Patterns
    • Unauthorized Resource Access Attempts
    • Other Security Concerns
  • Overall Assessment
  • Actions Taken or Recommended
  • Non-Conformities Raised
  • Conclusion
  • Record signature meaning
  • Template signature meaning
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI Labs Group S.L.)