Audit and Accountability (AU)

FedRAMP - Access by Subset of Privileged User AU-9(4)

Thu, Sep 29, 2022 0 0 404 0/5 (0 Vote)

Overview:The organization authorizes access to management of audit functionality to only [Assignment: organization-defined subset of privileged users]. Supplemental Guidance:Individuals with privileged access to an information system and who are also... Read More

FedRAMP - Additional Audit Information AU-3(1)

Thu, Sep 29, 2022 0 0 418 0/5 (0 Vote)

Overview:The information system generates audit records containing the following additional information: [Assignment: organization-defined additional, more detailed information]. Supplemental Guidance:Detailed information that organizations may... Read More

FedRAMP - Audit and Accountability Policy and Procedures AU-1

Thu, Sep 29, 2022 0 0 434 0/5 (0 Vote)

Overview:The organization:a. Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]:1. An audit and accountability policy that addresses purpose, scope, roles, responsibilities, management commitment,... Read More

FedRAMP - Audit Backup on Separate Physical Systems and Components AU-9(2)

Thu, Sep 29, 2022 0 0 431 0/5 (0 Vote)

Overview:The information system backs up audit records [Assignment: organization-defined frequency] onto a physically different system or system component than the system or component being audited. Supplemental Guidance:This control enhancement... Read More

FedRAMP - Audit Events AU-2

Thu, Sep 29, 2022 0 0 458 0/5 (0 Vote)

Overview:The organization:a. Determines that the information system is capable of auditing the following events: [Assignment: organization-defined auditable events];b. Coordinates the security audit function with other organizational entities... Read More

FedRAMP - Audit Generation AU-12

Thu, Sep 29, 2022 0 0 424 0/5 (0 Vote)

Overview:The information system:a. Provides audit record generation capability for the auditable events defined in AU-2 a. at [Assignment: organization-defined information system components];b. Allows [Assignment: organization-defined personnel or... Read More

FedRAMP - Audit Record Retention AU-11

Thu, Sep 29, 2022 0 0 542 0/5 (0 Vote)

Overview:The organization retains audit records for [Assignment: organization-defined time period consistent with records retention policy] to provide support for after-the-fact investigations of security incidents and to meet regulatory and... Read More

FedRAMP - Audit Reduction and Report Generation AU-7

Thu, Sep 29, 2022 0 0 406 0/5 (0 Vote)

Overview:The information system provides an audit reduction and report generation capability that:a. Supports on-demand audit review, analysis, and reporting requirements and after-the-fact investigations of security incidents; andb. Does not alter... Read More

FedRAMP - Audit Review, Analysis, and Reporting AU-6

Thu, Sep 29, 2022 0 0 409 0/5 (0 Vote)

Overview:The organization:a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity]; andb. Reports findings to ... Read More

FedRAMP - Audit Storage Capacity AU-4

Thu, Sep 29, 2022 0 0 399 0/5 (0 Vote)

Overview:The organization allocates audit record storage capacity in accordance with [Assignment:organization-defined audit record storage requirements]. Supplemental Guidance:Organizations consider the types of auditing to be performed and the audit... Read More

Results 1 - 10 of 19