Doc:NIST SP 800-53r3 Appendix F/AU-6

From FISMApedia
Revision as of 02:58, 17 May 2010 by DanPhilpott (talk) (1 revision: Subpages for SP 800-53r3 Controls)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING

Control: The organization:
a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of inappropriate or unusual activity, and reports findings to designated organizational officials; and
b. Adjusts the level of audit review, analysis, and reporting within the information system when there is a change in risk to organizational operations, organizational assets, individuals, other organizations, or the Nation based on law enforcement information, intelligence information, or other credible sources of information.
Supplemental Guidance: Related control: AU-7.
Control Enhancements: