Audit and Accountability (AU)
Level N/A
a. Use internal system clocks to generate time stamps for audit records; and b. Record time stamps for audit records that meet [Assignment: organization-defined granularity of time measurement] and that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or that include the local time offset as part of the time stamp.
Audit and Accountability (AU)
[Withdrawn: Incorporated into AU-6.]
Audit and Accountability (AU)
[Withdrawn: Incorporated into SI-4.]
Audit and Accountability (AU)
Level N/A
a. Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and b. Alert [Assignment: organization-defined personnel or roles] upon detection of unauthorized access, modification, or deletion of audit information.
Audit and Accountability (AU)
Write audit trails to hardware-enforced, write-once media.
Audit and Accountability (AU)
Store audit records [Assignment: organization-defined frequency] in a repository that is part of a physically different system or system component than the system or component being audited.
Audit and Accountability (AU)
Implement cryptographic mechanisms to protect the integrity of audit information and audit tools.
Audit and Accountability (AU)
Authorize access to management of audit logging functionality to only [Assignment: organization-defined subset of privileged users or roles].
Audit and Accountability (AU)
Enforce dual authorization for [Selection (one or more): movement; deletion] of [Assignment: organization-defined audit information].
Audit and Accountability (AU)
Authorize read-only access to audit information to [Assignment: organization-defined subset of privileged users or roles].
