AU-9(2)

  • Requirement

    Store audit records [Assignment: organization-defined frequency] in a repository that is part of a physically different system or system component than the system or component being audited.

  • Discussion

    Storing audit records in a repository separate from the audited system or system component helps to ensure that a compromise of the system being audited does not also result in a compromise of the audit records. Storing audit records on separate physical systems or components also preserves the confidentiality and integrity of audit records and facilitates the management of audit records as an organization-wide activity. Storing audit records on separate systems or components applies to initial generation as well as backup or long-term storage of audit records.

More Info

  • Title

    Protection of Audit Information | Store on Separate Physical Systems or Components
  • Family

    Audit and Accountability
  • NIST 800-53B Baseline(s)

    • High
  • Related NIST 800-53 ID

    AU-4;AU-5

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!