Overview:
The information system protects audit information and audit tools from unauthorized access, modification, and deletion.
Supplemental Guidance:
Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. This control focuses on technical protection of audit information. Physical protection of audit information is addressed by media protection controls and physical and environmental protection controls.
Related controls: AC-3, AC-6, MP-2, MP-4, PE-2, PE-3, PE-6.
Action Items:
1) Ensures that the system protects audit information and audit tools from unauthorized access, modification, and deletion
Related Documents:
1) Audit and Accountability Policy
2) Logging and Monitoring Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 620
Created: September 29, 2022
Last Updated: September 29, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/fedramp-protection-of-audit-information-au-9-620.html