Security and Compliance

Logging and Monitoring Policy

Logging, review, retention, and monitoring standards under PCI DSS Requirement 10.


Logging & Monitoring Policy (PCI DSS Requirement 10)

Updated: January 1, 2026

Approved By: Jennifer Lyssy, CEO

1. Purpose

This policy defines the requirements for logging, monitoring, and reviewing system activity to detect, prevent, and respond to security events and protect cardholder data.

2. Scope

Applies to all systems, applications, and personnel involved in storing, processing, or transmitting cardholder data.

3. Policy Statement

Botanic, LLC maintains logging and monitoring controls to detect unauthorized access, anomalies, and suspicious activity across all systems.

4. Roles and Responsibilities

Security Officer / IT Lead

Oversees logging and monitoring activities

Reviews logs and ensures remediation

Technical Personnel

Maintain logging systems

Investigate alerts and anomalies

5. Logging Requirements

Audit logs must be enabled for all systems and must capture:

User access to systems

Administrative actions

Failed login attempts

Changes to user accounts and privileges

System-level changes

Access to audit logs

Each log entry must include:

User ID

Event type

Date and time

Success or failure

Source of activity

6. Log Protection

Logs are restricted to authorized personnel

Logs are protected from modification

Logs are backed up securely

File integrity monitoring detects unauthorized changes

7. Log Review

Logs are reviewed at least daily for:

Security events

Critical systems

Servers and infrastructure

Automated monitoring tools may be used

All anomalies are investigated and resolved

8. Log Retention

Logs are retained for at least 12 months

At least 3 months must be immediately accessible

9. Time Synchronization

All systems use synchronized time (NTP/UTC)

Time settings are protected and monitored

10. Failure Detection

Failures of security systems (logging, IDS, firewalls, etc.) must:

Be detected and alerted

Be investigated

Be documented

Be remediated promptly

11. Policy Review

Reviewed annually and updated as needed.

12. Compliance

Failure to comply may result in disciplinary action.

© 2025-2026 Botanic, LLC

Physical: 22507 Felicia Drive, Spicewood, TX 78669

Mailing: 15511 Hwy 71 West, Suite 110, #420, Bee Cave, TX 78738

(833) 722-8339 | Information: info@shopbotanic.co | Support: support@shopbotanic.co

Terms and Conditions | Privacy Policy | Data Protection Policy | Anti-Money Laundering (AML) Policy

Subscription Policy | Refund and Return Policy | Shipping Policy

Secure Online Identity and Age Verification Policy | Disclaimers | Certificates of Analysis

Information Security Policy | Security Testing and Monitoring Policy

Policies and Procedures | Compensation Plan | Income Disclosure Statement | Web Hosting Provider Notice

You must be 21+ to visit this website.

This website uses Secure Online Age Verification for all hemp products. We provide an easy checkout experience while following the latest age regulations. We match customer information from your checkout form against our identity networks to verify that you meet minimum age requirements. Our hemp-derived products are compliant with the 2018 Federal Farm Bill, containing less than 0.3% delta-9 THC by weight. All products are lab-tested for quality and compliance with legal standards. These statements have not been evaluated by the Food and Drug Administration. This product is not intended to diagnose, treat, cure, or prevent any disease. Always consult your physician before starting any wellness regimen. This content is for informational purposes only. It is not intended to take the place of medical advice or treatment from a personal physician. All readers of this content should consult their physician or qualified healthcare professional regarding specific health questions, especially those taking prescription or over-the-counter medications. We do not take responsibility for possible health consequences of any person reading and/or following this informational content. Income is not guaranteed. Earnings depend on individual effort and sales performance. Success stories are unique, and results vary depending on individual effort. All prices are in USD. Secured with TLS encryption. Botanic is a USA company that provides plant-based wellness products.

Log in with your credentials

Forgot your details?