AU-9(3)

  • Requirement

    Implement cryptographic mechanisms to protect the integrity of audit information and audit tools.

  • Discussion

    Cryptographic mechanisms used for protecting the integrity of audit information include signed hash functions using asymmetric cryptography. This enables the distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash.

More Info

  • Title

    Protection of Audit Information | Cryptographic Protection
  • Family

    Audit and Accountability
  • NIST 800-53B Baseline(s)

    • High
  • Related NIST 800-53 ID

    AU-10;SC-12;SC-13

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!