AU-13

  • Requirement

    1. Monitor [Assignment: organization-defined open-source information and/or information sites] [Assignment: organization-defined frequency] for evidence of unauthorized disclosure of organizational information; and
    2. If an information disclosure is discovered:
      1. Notify [Assignment: organization-defined personnel or roles]; and
      2. Take the following additional actions: [Assignment: organization-defined additional actions].
  • Discussion

    Unauthorized disclosure of information is a form of data leakage. Open-source information includes social networking sites and code-sharing platforms and repositories. Examples of organizational information include personally identifiable information retained by the organization or proprietary information generated by the organization.

More Info

  • Title

    Monitoring for Information Disclosure
  • Family

    Audit and Accountability
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

      AC-22;PE-3;PM-12;RA-5;SC-7;SI-20

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!