Doc:NIST SP 800-53r3 Appendix F/AU-6
AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING
- Control: The organization:
- a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of inappropriate or unusual activity, and reports findings to designated organizational officials; and
- b. Adjusts the level of audit review, analysis, and reporting within the information system when there is a change in risk to organizational operations, organizational assets, individuals, other organizations, or the Nation based on law enforcement information, intelligence information, or other credible sources of information.
- Supplemental Guidance: Related control: AU-7.
- Control Enhancements: