Doc:NIST SP 800-53r3 Appendix F/AU-12

From FISMApedia
Jump to: navigation, search


Control: The information system:
a. Provides audit record generation capability for the list of auditable events defined in AU-2 at [Assignment: organization-defined information system components];
b. Allows designated organizational personnel to select which auditable events are to be audited by specific components of the system; and
c. Generates audit records for the list of audited events defined in AU-2 with the content as defined in AU-3.
Supplemental Guidance: Audits records can be generated from various components within the information system. The list of audited events is the set of events for which audits are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating audit records (i.e., auditable events). Related controls: AU-2, AU-3.
Control Enhancements: