FedRAMP Automated Monitoring / Control AC-17 (1)

Overview:
The information system monitors and controls remote access methods.

Supplemental Guidance:
Automated monitoring and control of remote access sessions allows organizations to detect cyber attacks and also ensure ongoing compliance with remote access policies by auditing connection activities of remote users on a variety of information system components (e.g., servers, workstations, notebook computers, smart phones, and tablets).

Related Controls: AU-2, AU-12

Action Items:
1) Ensure all remote access is monitored

Related Documents:
1) Access Control Policy
2) Logging and Monitoring Policy
3) Remote Access Policy

Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none

Moderate Additional FedRAMP Requirements and Guidance
none