AU-12

  • Requirement

    1. Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2a on [Assignment: organization-defined system components];
    2. Allow [Assignment: organization-defined personnel or roles] to select the event types that are to be logged by specific components of the system; and
    3. Generate audit records for the event types defined in AU-2c that include the audit record content defined in AU-3.
  • Discussion

    Audit records can be generated from many different system components. The event types specified in AU-2d are the event types for which audit logs are to be generated and are a subset of all event types for which the system can generate audit records.

More Info

  • Title

    Audit Record Generation
  • Family

    Audit and Accountability
  • NIST 800-53B Baseline(s)

    • Low
    • Moderate
    • High
  • Related NIST 800-53 ID

    AC-6;AC-17;AU-2;AU-3;AU-4;AU-5;AU-6;AU-7;AU-14;CM-5;MA-4;MP-4;PM-12;SA-8;SC-18;SI-3;SI-4;SI-7;SI-10

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!