Doc:NIST SP 800-53r3 Appendix F/AU-5
AU-5 RESPONSE TO AUDIT PROCESSING FAILURES
- Control: The information system:
- a. Alerts designated organizational officials in the event of an audit processing failure; and
- b. Takes the following additional actions: [Assignment: organization-defined actions to be taken (e.g., shut down information system, overwrite oldest audit records, stop generating audit records)].
- Supplemental Guidance: Audit processing failures include, for example, software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded. Related control: AU-4.
- Control Enhancements: