[PCI DSS 3.0] 10.5 Secure audit trails so they cannot be altered.

10.5 Secure audit trails so they cannot be altered.

10.5 Interview system administrators and examine system configurations and permissions to verify that audit trails are secured so that they cannot be altered as follows: (See 10.5.#)

Often a malicious individual who has entered the network will attempt to edit the audit logs in order to hide their activity. Without adequate protection of audit logs, their completeness, accuracy, and integrity cannot be guaranteed, and the audit logs can be rendered useless as an investigation tool after a compromise.