Doc:NIST SP 800-53r3 Appendix F/AU-6

From FISMApedia
Jump to: navigation, search

AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING

Control: The organization:
a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of inappropriate or unusual activity, and reports findings to designated organizational officials; and
b. Adjusts the level of audit review, analysis, and reporting within the information system when there is a change in risk to organizational operations, organizational assets, individuals, other organizations, or the Nation based on law enforcement information, intelligence information, or other credible sources of information.
Supplemental Guidance: Related control: AU-7.
Control Enhancements: