| Category/Subcategory/Element | Control Reference | Control Summary | Interpretation |
|---|---|---|---|
| Audit and Accountability | AU | | |
| Audit and accountability policy and procedures | AU-1 | The organization develops, disseminates, and periodically reviews/updates: (i) a formal, documented audit and accountability policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (ii) formal, documented procedures to facilitate the implementation of the audit and accountability policy and associated audit and accountability controls. | |
| Auditable events | AU-2 | The information system generates audit records for the following events: [assignment: organization-defined auditable events]. | |
| Content of audit records | AU-3 | The information system produces audit records that contain sufficient information to establish what events occurred, the sources of the events, and the outcomes of the events. | |
| Audit storage capacity | AU-4 | The organization allocates sufficient audit record storage capacity and configures auditing to reduce the likelihood of such capacity being exceeded. | |
| Response to audit processing failures | AU-5 | The information system alerts appropriate organizational officials in the event of an audit processing failure and takes the following additional actions: [assignment: organization-defined actions to be taken (e.g., shut down information system, overwrite oldest audit records, stop generating audit records)]. | |