Audit and Accountability (AU)
Write audit trails to hardware-enforced, write-once media.
Audit and Accountability (AU)
Store audit records [Assignment: organization-defined frequency] in a repository that is part of a physically different system or system component than the system or component being audited.
Audit and Accountability (AU)
Implement cryptographic mechanisms to protect the integrity of audit information and audit tools.
Audit and Accountability (AU)
Authorize access to management of audit logging functionality to only [Assignment: organization-defined subset of privileged users or roles].
Audit and Accountability (AU)
Enforce dual authorization for [Selection (one or more): movement; deletion] of [Assignment: organization-defined audit information].
Audit and Accountability (AU)
Authorize read-only access to audit information to [Assignment: organization-defined subset of privileged users or roles].
Audit and Accountability (AU)
Store audit information on a component running a different operating system than the system or component being audited.
Audit and Accountability (AU)
Level N/A
Provide irrefutable evidence that an individual (or process acting on behalf of an individual) has performed [Assignment: organization-defined actions to be covered by non-repudiation].
Audit and Accountability (AU)
(a) Bind the identity of the information producer with the information to [Assignment: organization-defined strength of binding]; and (b) Provide the means for authorized individuals to determine the identity of the producer of the information.
Audit and Accountability (AU)
(a) Validate the binding of the information producer identity to the information at [Assignment: organization-defined frequency]; and (b) Perform [Assignment: organization-defined actions] in the event of a validation error.
