In this article, we’ll get a bit more technical and discuss specific procedures about how access events and video events are supplied to law enforcement in the case of emergencies or investigations, and auditors in the case of audits. We’ll first discuss what sorts of events require a paper trail, and what sorts of paper trails they need, and then how access control might supply these.
What types of events require audit trails?
There are broadly two types of events that require an audit trail of events: Unexpected events, and scheduled audits.
The first event that you’ll need an audit trail for is an unexpected event with negative consequences. This could be a burglary, a workplace violation, or any sort of complaint that needs to be backed up by some real evidence.
Unfortunately, as the name suggests, you can’t foresee these events. This means is that you should have your event and audit trail constantly active and recording information. We’ll go through what this implies in a later section.
At any office in the United States, there will be some sort of quarterly audit regarding finances, compliance, and office usages at the very least. This can be the SOC2 audit, a PCI audit, or any other of the various ones out there. And while you’ll know when the are scheduled, they will require a full audit trail of your systems for whatever aspect of your business they are investigating. As a result, it’s useful (and mandatory, if you want to avoid fines) to have some sort of perpetual and uninterrupted audit trail.
What length of audit trail is required?
Depending on the particular audit or investigation you are subjected to, there are also different lengths of trails required. Some might only require a week, whereas the bigger ones, like the SOC2 and PCI, will require a full year of access logs. You should keep this in mind when choosing how to store your data.
How does access control supply its required logs?
Different audits require different logs, and it would go outside the scope of this article to discuss all of them (and outside the scope of our expertise!) We will, however, discuss what access logs are required for any sort of audit that covers office usage and compliance.
What are the features of an event audit?
Typically, an event audit has to be provided in one of two formats: either a CSV file or an XLS data sheet. It essentially has to be remotely exportable and has to be able to be sent via email immediately. This means that your access provider should give you the option to export your data easily because manually filling in a data sheet with all access events would be a real headache. It should be as easy as clicking an “export” button, as on the Kisi dashboard, pictured below.
Beyond just giving you the data, the information should be formatted correctly. It should have all the required pieces, like timestamps, users, access events, success (or not), door accessed, and it should be in an easily identifiable and readable format. Moreover, it should be downloadable by any authorized user, in case the primary administrator is unavailable at the time it’s required. A good benchmark for data is shown below, in Kisi’s event exports.
What’s the future of event exports for audits?
In the future, there are two main tracks of innovation that we see: In compliance software, and in access control software.
In the world of audit compliance, we think there should be software that can integrate directly with access control, and pull events directly from the logs when requested to do so. So while the audit agency, or police, would not have access to your access control software, they would be able to view logs that they are legally allowed and required to view.
The next is in access control software. Companies like Kisi are constantly improving their systems and software, and as they do so, one of the realms of improvement is in data tracking and visualization. It’s likely that often only a specific subset of all your access logs will need to be pulled, so giving you the flexibility and power to view only what you need, in an easy way, is certainly attractive and useful.
At any company, audits are inevitable, and access events will be one of the main features under scrutiny. As a result, it’s important that your access provider makes the process of pulling event logs and data as easy as possible, and that they grant you all the data you may need.