Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
    • GP-001 Control of documents
    • GP-002 Quality planning
    • GP-003 Audits
    • GP-004 Vigilance system
    • GP-005 Human Resources and Training
    • GP-006 Non-conformity, Corrective and Preventive actions
    • GP-007 Post-market surveillance
    • GP-008 Product requirements
    • GP-009 Sales
    • GP-010 Purchases and suppliers evaluation
    • GP-011 Provision of service
    • GP-012 Design, Redesign and Development
    • GP-013 Risk management
    • GP-014 Feedback and complaints
    • GP-015 Clinical evaluation
    • GP-016 Traceability and identification
    • GP-017 Technical assistance service
    • GP-018 Infrastructure and facilities
    • GP-019 Software validation plan
    • GP-020 QMS Data analysis
    • GP-021 Communications
    • GP-022 Document translation
    • GP-023 Change control management
    • GP-024 Cybersecurity
    • GP-025 Corporate Governance
    • GP-026 Product requirements for US market
    • GP-027 Product requirements for UK market
    • GP-028 Product requirements for the Brazilian market
    • GP-050 Data Protection
    • GP-051 Security violations
      • Templates
        • T-051-001 API event logs
        • T-051-002 Security groups
        • T-051-003 EC2 instances
    • GP-052 Data Privacy Impact Assessment (DPIA)
    • GP-100 Business Continuity (BCP) and Disaster Recovery plans (DRP)
    • GP-101 Information security
    • GP-200 Remote Data Acquisition in Clinical Investigations
  • Records
  • TF_Legit.Health_Plus
  • Licenses and accreditations
  • External documentation
  • Procedures
  • GP-051 Security violations
  • Templates
  • T-051-001 API event logs

T-051-001 API event logs

  • Governed by GP-051 Security violations

Purpose​

Review API events logs looking for suspicious actions

Periodicity​

Every 2 weeks

Cloud trail of AWS review​

ResponsibleDateDashboard reviewInsights review
Help

At the review columns it will be indicated if the review was satisfactory (OK) or if any unexpected action was detected (see below). In this case the reference of the incidence (according to procedure GP-018 Infrastructure and facilities) or non-conformity (GP-006 Non-conformity. Corrective and Preventive actions) was included to allow traceability of the actions.

Criteria for acceptance​

The logs are reviewed and no suspicious actions are detected:

  • Each user is connecting from the expected IP.
  • Users are performing the expected actions.

List of unexpected actions:

  • Changing other user's credentials.
  • Creating new users with administrator permissions.
  • Accessing resources that are not part of the project.
  • Deleting critical resources as buckets, databases or EC2 instances.

Record signature meaning​

  • Author: JD-005 Author name
  • Review: JD-004 Reviewer name
  • Approval: JD-001 Approver name

Template signature meaning​

info

Delete this section when you create a new record from this template.

  • Author: JD-004 María Diez
  • Review: JD-007 Gerardo Fernández
  • Approval: JD-001 Ms. Andy Aguilar
Previous
Templates
Next
T-051-002 Security groups
  • Purpose
  • Periodicity
    • Cloud trail of AWS review
    • Criteria for acceptance
  • Record signature meaning
  • Template signature meaning
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI LABS GROUP S.L.)