Audit and accountability

From SecWiki
Jump to: navigation, search

Controls in Audit and accountability family excluding retired controls:


Identifier Name Priority Baseline
AU-1 Audit and accountability policy and procedures P1 Low, Mod, High
AU-2 Audit events P1 Low, Mod, High
AU-3 Content of audit records P1 Low, Mod, High
AU-4 Audit storage capacity P1 Low, Mod, High
AU-5 Response to audit processing failures P1 Low, Mod, High
AU-6 Audit review, analysis, and reporting P1 Low, Mod, High
AU-7 Audit reduction and report generation P2 Mod, High
AU-8 Time stamps P1 Low, Mod, High
AU-9 Protection of audit information P1 Low, Mod, High
AU-10 Non-repudiation P2 High
AU-11 Audit record retention P3 Low, Mod, High
AU-12 Audit generation P1 Low, Mod, High
AU-13 Monitoring for information disclosure P0
AU-14 Session audit P0
AU-15 Alternate audit capability P0
AU-16 Cross-organizational auditing P0