>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AU-3(1)Content Of Audit Records

PBMM (P2)
Secret (P2)
Technical

>Control Description

CONTENT OF AUDIT RECORDS | ADDITIONAL AUDIT INFORMATION The information system generates audit records containing the following additional information: organization-defined additional, more detailed information.

>Supplemental Guidance

Detailed information that organizations may consider in audit records includes, for example, full text recording of privileged commands or the individual identities of group account users. Organizations consider limiting the additional audit information to only that information explicitly needed for specific audit requirements. This facilitates the use of audit trails and audit logs by not including information that could potentially be misleading or could make it more difficult to locate information of interest.

>Tailoring Guidance

Additional guidance for enhancement (1): Audit events should always be capable of being associated with an individual identity. Associating audit events with a group or role is insufficient.

Ask AI

Configure your API key to use AI features.