Maintain reviewer or releaser credentials within the established chain of custody for information reviewed or released.
(a) Validate the binding of the information reviewer identity to the information at the transfer or release points prior to release or transfer between [Assignment: organization-defined security domains]; and (b) Perform [Assignment: organization-defined actions] in the event of a validation error.
[Withdrawn: Incorporated into AU-7(1).]
Retain audit records for [Assignment: organization-defined time period consistent with records retention policy] to provide support for after-the-fact investigations of incidents and to meet regulatory and organizational information retention requirements.
Employ [Assignment: organization-defined measures] to ensure that long-term audit records generated by the system can be retrieved.
a. Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2a on [Assignment: organization-defined system components]; b. Allow [Assignment: organization-defined personnel or roles] to select the event types that are to be logged by specific components of the system; and c. Generate audit records for the event types defined in AU-2c that include the audit record content defined in AU-3.
Compile audit records from [Assignment: organization-defined system components] into a system-wide (logical or physical) audit trail that is time-correlated to within [Assignment: organization-defined level of tolerance for the relationship between time stamps of individual records in the audit trail].
Produce a system-wide (logical or physical) audit trail composed of audit records in a standardized format.
Provide and implement the capability for [Assignment: organization-defined individuals or roles] to change the logging to be performed on [Assignment: organization-defined system components] based on [Assignment: organization-defined selectable event criteria] within [Assignment: organization-defined time thresholds].
Provide and implement the capability for auditing the parameters of user query events for data sets containing personally identifiable information.
Passcode