{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to all supplemental security controls in NIST Special Publication 800-53, r4, under the control family of Audit and Accountability.", "Keywords": [ "800-53", "Accountability", "Audit", "NIST", "Security", "Supplemental" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 - Security Control Family: Audit and Accountability - Supplemental Controls", "TrustExpression": "TIP_NISTSP80053r4SecurityControlAU41TransfertoAlternateStorage and TIP_NISTSP80053r4SecurityControlAU53ConfigurableTrafficVolumeThresholds and TIP_NISTSP80053r4SecurityControlAU54ShutdownonFailure and TIP_NISTSP80053r4SecurityControlAU64CentralReviewandAnalysis and TIP_NISTSP80053r4SecurityControlAU67PermittedActions and TIP_NISTSP80053r4SecurityControlAU68FullTextAnalysisofPrivilegedCommands and TIP_NISTSP80053r4SecurityControlAU69CorrelationwithInformationfromNontechnicalSources and TIP_NISTSP80053r4SecurityControlAU610AuditLevelAdjustment and TIP_NISTSP80053r4SecurityControlAU72AutomaticSortandSearch and TIP_NISTSP80053r4SecurityControlAU82SecondaryAuthoritativeTimeSource and TIP_NISTSP80053r4SecurityControlAU91HardwareWriteOnceMedia and TIP_NISTSP80053r4SecurityControlAU95DualAuthorization and TIP_NISTSP80053r4SecurityControlAU96ReadOnlyAccess and TIP_NISTSP80053r4SecurityControlAU101AssociationofIdentities and TIP_NISTSP80053r4SecurityControlAU102ValidateBindingofInformationProducerIdentity and TIP_NISTSP80053r4SecurityControlAU103ChainofCustody and TIP_NISTSP80053r4SecurityControlAU104ValidateBindingofInformationReviewerIdentity and TIP_NISTSP80053r4SecurityControlAU111LongTermRetrievalCapability and TIP_NISTSP80053r4SecurityControlAU122StandardizedFormats and TIP_NISTSP80053r4SecurityControlAU13MonitoringforInformationDisclosure and TIP_NISTSP80053r4SecurityControlAU131UseofAutomatedTools and TIP_NISTSP80053r4SecurityControlAU132ReviewofMonitoredSites and TIP_NISTSP80053r4SecurityControlAU14SessionAudit and TIP_NISTSP80053r4SecurityControlAU141SystemStartUp and TIP_NISTSP80053r4SecurityControlAU142CaptureRecordandLogContent and TIP_NISTSP80053r4SecurityControlAU143RemoteViewingListening and TIP_NISTSP80053r4SecurityControlAU15AlternateAuditCapability and TIP_NISTSP80053r4SecurityControlAU16CrossOrganizationalAuditing and TIP_NISTSP80053r4SecurityControlAU161IdentityPreservation and TIP_NISTSP80053r4SecurityControlAU162SharingofAuditInformation", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-audit-and-accountability---supplemental-controls/4/", "Version": "4", "References": {"TrustInteroperabilityProfileReferences": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-4-_1__-transfer-to-alternate-storage/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-4 (1): Transfer to Alternate Storage.", "Number": 1, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-4 (1): Transfer to Alternate Storage", "$id": "TIP_NISTSP80053r4SecurityControlAU41TransfertoAlternateStorage" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-5-_3__-configurable-traffic-volume-thresholds/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-5 (3): Configurable Traffic Volume Thresholds.", "Number": 2, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-5 (3): Configurable Traffic Volume Thresholds", "$id": "TIP_NISTSP80053r4SecurityControlAU53ConfigurableTrafficVolumeThresholds" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-5-_4__-shutdown-on-failure/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-5 (4): Shutdown on Failure.", "Number": 3, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-5 (4): Shutdown on Failure", "$id": "TIP_NISTSP80053r4SecurityControlAU54ShutdownonFailure" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-6-_4__-central-review-and-analysis/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (4): Central Review and Analysis.", "Number": 4, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-6 (4): Central Review and Analysis", "$id": "TIP_NISTSP80053r4SecurityControlAU64CentralReviewandAnalysis" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-6-_7__-permitted-actions/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (7): Permitted Actions.", "Number": 5, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-6 (7): Permitted Actions", "$id": "TIP_NISTSP80053r4SecurityControlAU67PermittedActions" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-6-_8__-full-text-analysis-of-privileged-commands/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (8): Full Text Analysis of Privileged Commands.", "Number": 6, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-6 (8): Full Text Analysis of Privileged Commands", "$id": "TIP_NISTSP80053r4SecurityControlAU68FullTextAnalysisofPrivilegedCommands" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-6-_9__-correlation-with-information-from-nontechnical-sources/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (9): Correlation with Information from Nontechnical Sources.", "Number": 7, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-6 (9): Correlation with Information from Nontechnical Sources", "$id": "TIP_NISTSP80053r4SecurityControlAU69CorrelationwithInformationfromNontechnicalSources" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-6-_10__-audit-level-adjustment/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-6 (10): Audit Level Adjustment.", "Number": 8, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-6 (10): Audit Level Adjustment", "$id": "TIP_NISTSP80053r4SecurityControlAU610AuditLevelAdjustment" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-7-_2__-automatic-sort-and-search/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-7 (2): Automatic Sort and Search.", "Number": 9, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-7 (2): Automatic Sort and Search", "$id": "TIP_NISTSP80053r4SecurityControlAU72AutomaticSortandSearch" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-8-_2__-secondary-authoritative-time-source/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-8 (2): Secondary Authoritative Time Source.", "Number": 10, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-8 (2): Secondary Authoritative Time Source", "$id": "TIP_NISTSP80053r4SecurityControlAU82SecondaryAuthoritativeTimeSource" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-9-_1__-hardware-write-once-media/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-9 (1): Hardware Write-Once Media.", "Number": 11, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-9 (1): Hardware Write-Once Media", "$id": "TIP_NISTSP80053r4SecurityControlAU91HardwareWriteOnceMedia" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-9-_5__-dual-authorization/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-9 (5): Dual Authorization.", "Number": 12, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-9 (5): Dual Authorization", "$id": "TIP_NISTSP80053r4SecurityControlAU95DualAuthorization" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-9-_6__-read-only-access/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-9 (6): Read Only Access.", "Number": 13, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-9 (6): Read Only Access", "$id": "TIP_NISTSP80053r4SecurityControlAU96ReadOnlyAccess" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-10-_1__-association-of-identities/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-10 (1): Association of Identities.", "Number": 14, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-10 (1): Association of Identities", "$id": "TIP_NISTSP80053r4SecurityControlAU101AssociationofIdentities" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-10-_2__-validate-binding-of-information-producer-identity/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-10 (2): Validate Binding of Information Producer Identity.", "Number": 15, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-10 (2): Validate Binding of Information Producer Identity", "$id": "TIP_NISTSP80053r4SecurityControlAU102ValidateBindingofInformationProducerIdentity" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-10-_3__-chain-of-custody/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-10 (3): Chain of Custody.", "Number": 16, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-10 (3): Chain of Custody", "$id": "TIP_NISTSP80053r4SecurityControlAU103ChainofCustody" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-10-_4__-validate-binding-of-information-reviewer-identity/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-10 (4): Validate Binding of Information Reviewer Identity.", "Number": 17, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-10 (4): Validate Binding of Information Reviewer Identity", "$id": "TIP_NISTSP80053r4SecurityControlAU104ValidateBindingofInformationReviewerIdentity" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-11-_1__-long-term-retrieval-capability/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-11 (1): Long-Term Retrieval Capability.", "Number": 18, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-11 (1): Long-Term Retrieval Capability", "$id": "TIP_NISTSP80053r4SecurityControlAU111LongTermRetrievalCapability" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-12-_2__-standardized-formats/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-12 (2): Standardized Formats.", "Number": 19, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-12 (2): Standardized Formats", "$id": "TIP_NISTSP80053r4SecurityControlAU122StandardizedFormats" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-13_-monitoring-for-information-disclosure/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-13: Monitoring for Information Disclosure.", "Number": 20, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-13: Monitoring for Information Disclosure", "$id": "TIP_NISTSP80053r4SecurityControlAU13MonitoringforInformationDisclosure" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-13-_1__-use-of-automated-tools/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-13 (1): Use of Automated Tools.", "Number": 21, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-13 (1): Use of Automated Tools", "$id": "TIP_NISTSP80053r4SecurityControlAU131UseofAutomatedTools" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-13-_2__-review-of-monitored-sites/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-13 (2): Review of Monitored Sites.", "Number": 22, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-13 (2): Review of Monitored Sites", "$id": "TIP_NISTSP80053r4SecurityControlAU132ReviewofMonitoredSites" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-14_-session-audit/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-14: Session Audit.", "Number": 23, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-14: Session Audit", "$id": "TIP_NISTSP80053r4SecurityControlAU14SessionAudit" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-14-_1__-system-start-up/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-14 (1): System Start-Up.", "Number": 24, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-14 (1): System Start-Up", "$id": "TIP_NISTSP80053r4SecurityControlAU141SystemStartUp" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-14-_2__-capture_record-and-log-content/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-14 (2): Capture/Record and Log Content.", "Number": 25, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-14 (2): Capture/Record and Log Content", "$id": "TIP_NISTSP80053r4SecurityControlAU142CaptureRecordandLogContent" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-14-_3__-remote-viewing-_-listening/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-14 (3): Remote Viewing / Listening.", "Number": 26, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-14 (3): Remote Viewing / Listening", "$id": "TIP_NISTSP80053r4SecurityControlAU143RemoteViewingListening" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-15_-alternate-audit-capability/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-15: Alternate Audit Capability.", "Number": 27, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-15: Alternate Audit Capability", "$id": "TIP_NISTSP80053r4SecurityControlAU15AlternateAuditCapability" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-16_-cross-organizational-auditing/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-16: Cross-Organizational Auditing.", "Number": 28, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-16: Cross-Organizational Auditing", "$id": "TIP_NISTSP80053r4SecurityControlAU16CrossOrganizationalAuditing" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-16-_1__-identity-preservation/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-16 (1): Identity Preservation.", "Number": 29, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-16 (1): Identity Preservation", "$id": "TIP_NISTSP80053r4SecurityControlAU161IdentityPreservation" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-au-16-_2__-sharing-of-audit-information/4/", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AU-16 (2): Sharing of Audit Information.", "Number": 30, "Version": "4", "$Type": "TrustInteroperabilityProfileReference", "Name": "NIST SP 800-53 r4 Security Control AU-16 (2): Sharing of Audit Information", "$id": "TIP_NISTSP80053r4SecurityControlAU162SharingofAuditInformation" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }