| TIP: NIST SP 800-53 r4 - Security Control Family: Audit and Accountability

NIST SP 800-53 r4 - Security Control Family: Audit and Accountability - Controls for HIGH Impact Systems, v4

Profile of requirements corresponding to all HIGH impact security controls in NIST Special Publication 800-53, r4, under the control family of Audit and Accountability.

Identifier

https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-audit-and-accountability---controls-for-high-impact-systems/4/

Publication Date

2021-04-26

Issuing Organization

Trustmark Initiative (https://trustmarkinitiative.org/) View Contact

Trustmark Support

help@trustmarkinitiative.org

555-555-5555

No Mailing Address

Keywords

800-53, Accountability, Audit, NIST, Security, High

Legal Notice

This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TIP_NISTSP80053r4SecurityControlFamilyAuditandAccountabilityControlsforMODERATEImpactSystems and TIP_NISTSP80053r4SecurityControlAU1AuditandAccountabilityPolicyandProcedures and TIP_NISTSP80053r4SecurityControlAU2AuditEvents and TIP_NISTSP80053r4SecurityControlAU23ReviewsandUpdates and TIP_NISTSP80053r4SecurityControlAU3ContentofAuditRecords and TIP_NISTSP80053r4SecurityControlAU31AdditionalAuditInformation and TIP_NISTSP80053r4SecurityControlAU32CentralizedManagementofPlannedAuditRecordContent and TIP_NISTSP80053r4SecurityControlAU4AuditStorageCapacity and TIP_NISTSP80053r4SecurityControlAU5ResponsetoAuditProcessingFailures and TIP_NISTSP80053r4SecurityControlAU51AuditStorageCapacity and TIP_NISTSP80053r4SecurityControlAU52RealTimeAlerts and TIP_NISTSP80053r4SecurityControlAU6AuditReviewAnalysisandReporting and TIP_NISTSP80053r4SecurityControlAU61ProcessIntegration and TIP_NISTSP80053r4SecurityControlAU63CorrelateAuditRepositories and TIP_NISTSP80053r4SecurityControlAU65IntegrationScanningandMonitoringCapabilities and TIP_NISTSP80053r4SecurityControlAU66CorrelationwithPhysicalMonitoring and TIP_NISTSP80053r4SecurityControlAU7AuditReductionandReportGeneration and TIP_NISTSP80053r4SecurityControlAU71AutomaticProcessing and TIP_NISTSP80053r4SecurityControlAU8TimeStamps and TIP_NISTSP80053r4SecurityControlAU81SynchronizationwithAuthoritativeTimeSource and TIP_NISTSP80053r4SecurityControlAU9ProtectionofAuditInformation and TIP_NISTSP80053r4SecurityControlAU92AuditBackuponSeparatePhysicalSystemsComponents and TIP_NISTSP80053r4SecurityControlAU93CryptographicProtection and TIP_NISTSP80053r4SecurityControlAU94AccessbySubsetofPrivilegedUsers and TIP_NISTSP80053r4SecurityControlAU10NonRepudiation and TIP_NISTSP80053r4SecurityControlAU11AuditRecordRetention and TIP_NISTSP80053r4SecurityControlAU12AuditGeneration and TIP_NISTSP80053r4SecurityControlAU121SystemWideTimeCorrelatedAuditTrail and TIP_NISTSP80053r4SecurityControlAU123ChangesbyAuthorizedIndividuals

References (29)

TIP NIST SP 800-53 r4 - Security Control Family: Audit and Accountability - Controls for MODERATE Impact Systems, v4
Description	Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of Audit and Accountability.
ID	TIP_NISTSP80053r4SecurityControlFamilyAuditandAccountabilityControlsforMODERATEImpactSystems

TIP NIST SP 800-53 r4 Security Control AU-1: Audit and Accountability Policy and Procedures, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-1: Audit and Accountability Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU1AuditandAccountabilityPolicyandProcedures

TIP NIST SP 800-53 r4 Security Control AU-2: Audit Events, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-2: Audit Events. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU2AuditEvents

TIP NIST SP 800-53 r4 Security Control AU-2 (3): Reviews and Updates, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-2 (3): Reviews and Updates. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU23ReviewsandUpdates

TIP NIST SP 800-53 r4 Security Control AU-3: Content of Audit Records, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-3: Content of Audit Records. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU3ContentofAuditRecords

TIP NIST SP 800-53 r4 Security Control AU-3 (1): Additional Audit Information, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-3 (1): Additional Audit Information. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU31AdditionalAuditInformation

TIP NIST SP 800-53 r4 Security Control AU-3 (2): Centralized Management of Planned Audit Record Content, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-3 (2): Centralized Management of Planned Audit Record Content. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU32CentralizedManagementofPlannedAuditRecordContent

TIP NIST SP 800-53 r4 Security Control AU-4: Audit Storage Capacity, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-4: Audit Storage Capacity. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU4AuditStorageCapacity

TIP NIST SP 800-53 r4 Security Control AU-5: Response to Audit Processing Failures, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-5: Response to Audit Processing Failures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU5ResponsetoAuditProcessingFailures

TIP NIST SP 800-53 r4 Security Control AU-5 (1): Audit Storage Capacity, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-5 (1): Audit Storage Capacity. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU51AuditStorageCapacity

TIP NIST SP 800-53 r4 Security Control AU-5 (2): Real-Time Alerts, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-5 (2): Real-Time Alerts. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU52RealTimeAlerts

TIP NIST SP 800-53 r4 Security Control AU-6: Audit Review, Analysis, and Reporting, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6: Audit Review, Analysis, and Reporting. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU6AuditReviewAnalysisandReporting

TIP NIST SP 800-53 r4 Security Control AU-6 (1): Process Integration, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (1): Process Integration. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU61ProcessIntegration

TIP NIST SP 800-53 r4 Security Control AU-6 (3): Correlate Audit Repositories, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (3): Correlate Audit Repositories. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU63CorrelateAuditRepositories

TIP NIST SP 800-53 r4 Security Control AU-6 (5): Integration / Scanning and Monitoring Capabilities, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (5): Integration / Scanning and Monitoring Capabilities. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU65IntegrationScanningandMonitoringCapabilities

TIP NIST SP 800-53 r4 Security Control AU-6 (6): Correlation with Physical Monitoring, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (6): Correlation with Physical Monitoring. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU66CorrelationwithPhysicalMonitoring

TIP NIST SP 800-53 r4 Security Control AU-7: Audit Reduction and Report Generation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-7: Audit Reduction and Report Generation. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU7AuditReductionandReportGeneration

TIP NIST SP 800-53 r4 Security Control AU-7 (1): Automatic Processing, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-7 (1): Automatic Processing. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU71AutomaticProcessing

TIP NIST SP 800-53 r4 Security Control AU-8: Time Stamps, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-8: Time Stamps. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU8TimeStamps

TIP NIST SP 800-53 r4 Security Control AU-8 (1): Synchronization with Authoritative Time Source, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-8 (1): Synchronization with Authoritative Time Source. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU81SynchronizationwithAuthoritativeTimeSource

TIP NIST SP 800-53 r4 Security Control AU-9: Protection of Audit Information, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-9: Protection of Audit Information. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU9ProtectionofAuditInformation

TIP NIST SP 800-53 r4 Security Control AU-9 (2): Audit Backup on Separate Physical Systems / Components, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-9 (2): Audit Backup on Separate Physical Systems / Components. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU92AuditBackuponSeparatePhysicalSystemsComponents

TIP NIST SP 800-53 r4 Security Control AU-9 (3): Cryptographic Protection, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-9 (3): Cryptographic Protection. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU93CryptographicProtection

TIP NIST SP 800-53 r4 Security Control AU-9 (4): Access by Subset of Privileged Users, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-9 (4): Access by Subset of Privileged Users. Applicable to MODERATE impact and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU94AccessbySubsetofPrivilegedUsers

TIP NIST SP 800-53 r4 Security Control AU-10: Non-Repudiation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-10: Non-Repudiation. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU10NonRepudiation

TIP NIST SP 800-53 r4 Security Control AU-11: Audit Record Retention, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-11: Audit Record Retention. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU11AuditRecordRetention

TIP NIST SP 800-53 r4 Security Control AU-12: Audit Generation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-12: Audit Generation. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU12AuditGeneration

TIP NIST SP 800-53 r4 Security Control AU-12 (1): System-Wide / Time-Correlated Audit Trail, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-12 (1): System-Wide / Time-Correlated Audit Trail. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU121SystemWideTimeCorrelatedAuditTrail

TIP NIST SP 800-53 r4 Security Control AU-12 (3): Changes by Authorized Individuals, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-12 (3): Changes by Authorized Individuals. Applicable to HIGH impact systems.
ID	TIP_NISTSP80053r4SecurityControlAU123ChangesbyAuthorizedIndividuals

Sources (1)

SP800-53R4	NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.

Also available as XML or JSON