Overview:
The organization authorizes access to management of audit functionality to only [Assignment: organization-defined subset of privileged users].
Supplemental Guidance:
Individuals with privileged access to an information system and who are also the subject of an audit by that system, may affect the reliability of audit information by inhibiting audit activities or modifying audit records. This control enhancement requires that privileged access be further defined between audit-related privileges and other privileges, thus limiting the users with audit-related privileges.
Related control: AC-5.
Action Items:
1) Ensure only privileged users have access to audit log management functionality
Related Documents:
1) Audit and Accountability Policy
2) Logging and Monitoring Policy
3) Access Control
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 622
Created: September 29, 2022
Last Updated: September 29, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/fedramp-access-by-subset-of-privileged-user-au-9-4-622.html