Audit and Accountability

NIST 800-171 - Alert Audit Processing Failure (3.3.4)

Mon, Sep 26, 2022 0 0 347 0/5 (0 Vote)

Overview:Alert in the event of an audit process failure. Action Items:3.3.4[a]Determine if: personnel or roles to be alerted in the event of an audit logging process failure are identified. 3.3.4[b]Determine if: types of audit logging process... Read More

NIST 800-171 - Audit Event Review (3.3.3)

Mon, Sep 26, 2022 0 0 337 0/5 (0 Vote)

Overview:Review and update audited events. Action Items:3.3.3[a]Determine if: a process for determining when to review logged events is defined. 3.3.3[b]Determine if: event types being logged are reviewed in accordance with the defined review process... Read More

NIST 800-171 - Audit Reduction and Report Generation (3.3.6)

Mon, Sep 26, 2022 0 0 341 0/5 (0 Vote)

Overview:Provide audit reduction and report generation to support on-demand analysis and reporting. Action Items:3.3.6[a]Determine if: an audit record reduction capability that supports on-demand analysis is provided. 3.3.6[b]Determine if: a report... Read More

NIST 800-171 - Auditable Event Generation (3.3.1)

Mon, Sep 26, 2022 0 0 370 0/5 (0 Vote)

Overview:Create, protect, and retain information system audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate information system activity. Action Items:3.3.1[a... Read More

NIST 800-171 - Authorized Access to Audit Functionality (3.3.9)

Mon, Sep 26, 2022 0 0 319 0/5 (0 Vote)

Overview:Limit management of audit functionality to a subset of privileged users. Action Items:3.3.9[a]Determine if: a subset of privileged users granted access to manage audit logging functionality is defined. 3.3.9[b]Determine if: management of... Read More

NIST 800-171 - Automated Event Correlation (3.3.5)

Mon, Sep 26, 2022 0 0 336 0/5 (0 Vote)

Overview:Use automated mechanisms to integrate and correlate audit review, analysis, and reporting processes for investigation and response to indications of inappropriate, suspicious, or unusual activity. Action Items:3.3.5[a]Determine if: audit... Read More

NIST 800-171 - Protection of Audit Information (3.3.8)

Mon, Sep 26, 2022 0 0 348 0/5 (0 Vote)

Overview:Protect audit information and audit tools from unauthorized access, modification, and deletion. Action Items:3.3.8[a]Determine if: audit information is protected from unauthorized access. 3.3.8[b]Determine if: audit information is protected... Read More

NIST 800-171 - Time stamps and Synchronization (3.3.7)

Mon, Sep 26, 2022 0 0 359 0/5 (0 Vote)

Overview:Provide an information system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records. Action Items:3.3.7[a]Determine if: internal system clocks are used to... Read More

NIST 800-171 - Unique User Identifier (3.3.2)

Mon, Sep 26, 2022 0 0 349 0/5 (0 Vote)

Overview:Ensure that the actions of individual information system users can be uniquely traced to those users so they can be held accountable for their actions. Action Items:3.3.2[a]Determine if: the content of the audit records needed to support the... Read More