IT Policy/CPNI/2

From CSWiki
Revision as of 10:39, 19 April 2006 by Akovacs (talk | contribs)

Jump to: navigation, search

Paragaph 2: Recording all electronic access to CPNI seems like a heavy burden. If it isn't, we should add a line explaining why not.

Paragraph 4: "Preserve audit logs for 5 years or as long as CPNI data is kept WHICHEVER IS LONGER"- should we synchonize this with the "limiting data retention" time periods on page 11? For example, "...required to maintian the integrity of the audit logs and preserve them for five years or as long as the CPNI data is kept, subject to the revisions suggested in section six of this submission."

Paragraph 6: I would strike this paragraph, given that the issue of small companies is covered for all measures in section 7. - Andrew K