(2) include audit trails designed to detect and respond to Cybersecurity Events that have a reasonable likelihood of materially harming any material part of the normal operations of the Covered Entity.

Entity Section Shall

(b) Each Covered Entity shall maintain records required by section 500.06(a)(1) of this Part for not fewer than five years and shall maintain records required by section 500.06(a)(2) of this Part for not fewer than three years.

Section 500.00Introduction.

Section 500.01Definitions.

Section 500.02Cybersecurity Program.

Section 500.03Cybersecurity Policy.

Section 500.04Chief Information Security Officer.

Section 500.05Penetration Testing and Vulnerability Assessments.

Section 500.06Audit Trail.

Section 500.07Access Privileges.

Section 500.08Application Security.

Section 500.09Risk Assessment.

Section 500.10Cybersecurity Personnel and Intelligence.

Section 500.11Third Party Service Provider Security Policy.

Section 500.12Multi-Factor Authentication.

Section 500.13Limitations on Data Retention.

Section 500.14Training and Monitoring.

Section 500.15Encryption of Nonpublic Information.

Section 500.16Incident Response Plan.

Section 500.17Notices to Superintendent.

Section 500.18Confidentiality.

Section 500.19Exemptions.

Section 500.20Enforcement.

Section 500.21Effective Date.

Section 500.22Transitional Periods.

Section 500.23Severability.

Section 500.06

Audit Trail.

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Section 500.06

Audit Trail.