ITCi has released this "audit checklist" related to logging. It is a little light on the details, but is worth reading - or giving to your boss to read! - anyway.
"This checklist supports an internal audit of the organization's logging, monitoring, and reporting policies and procedures as a function of compliance, risk management, and governance. Offering concrete recommendations, this checklist aims to help management ensure the overall confidentiality, integrity and availability of IT systems and infrastructure.