| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an information system compiles audit records from into a time-correlated system-wide audit trail.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit processing failure actions as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit processing failure alerts as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit record generation capability as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit record retention as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs organization-defined measures to ensure that long-term audit records generated by the information system can be retrieved.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides an audit reduction and report generation capability that does not alter the original content or time ordering of audit records.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an audit reduction and report generation capability.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides the capability to process audit records for events of interest based on organization-defined audit fields within audit records.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides the capability to sort and search audit records for events of interest based on the content of organization-defined audit fields within audit records.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization adjusts the level of audit review, analysis, and reporting within the information system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system provides the capability to centrally review and analyze audit records from multiple components within the system.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization analyzes and correlates audit records across different repositories.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization correlates information from nontechnical sources with audit information to enhance organization-wide situational awareness.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization correlates information from audit records with physical access information/records.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization performs a full text analysis of audited privileged commands in a physically distinct component or subsystem of the information system, or other information system that is dedicated to that analysis.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization integrates analysis of audit records with other system monitoring data.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization specifies the permitted actions for each information system process, role, or user associated with the review, analysis, and reporting of audit information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employes automated mechanisms for audit review, analysis, and reporting.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for audit storage capacity as related to overall audit and accountability requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system off-loads audit records organization-defined frequency onto a different system or media than the system being audited.
|
1.0 |
|
Auditable Chain Of Custody Is In Place When Information Is Obtained To Confirm Subscriber Attributes
Addresses the requirement for an organization to require an auditable chain of custody when information sent to a CA to confirm Subscriber attributes.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs an audited override of automated access control mechanisms under organization-defined conditions.
|
1.0 |
|
Addresses the requirement for auditing processes to only ceaser at system or application shutdown.
|
1.0 |
|
Addresses the requirement for auditing processes to be enabled at system or application startup.
|
1.0 |
