Records

Record	Purpose	Cadence	Status
Backup test log (planned)	Evidence that restores are tested	Per service tier — at minimum quarterly	—
Access review log (planned)	Evidence that access is reviewed and pruned	Quarterly	—
Training log (planned)	Evidence of awareness training and policy acknowledgement	On joining and annually	—
Change log (planned)	Evidence that changes follow the change-management procedure	Per change	—

¶ Records