Skip to Content

FedRAMP - Protection of Audit Information AU-9

620  Matthew Burdick September 29, 2022  Audit and Accountability (AU)

Overview:
The information system protects audit information and audit tools from unauthorized access, modification, and deletion.


Supplemental Guidance:
Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. This control focuses on technical protection of audit information. Physical protection of audit information is addressed by media protection controls and physical and environmental protection controls.


Related controls: AC-3, AC-6, MP-2, MP-4, PE-2, PE-3, PE-6.


Action Items:
1) Ensures that the system protects audit information and audit tools from unauthorized access, modification, and deletion

 

Related Documents:
1) Audit and Accountability Policy

2) Logging and Monitoring Policy


Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none


Moderate Additional FedRAMP Requirements and Guidance
none
Not Rated
Secure Code