AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING

Page last updated:

PCF Compliance

Compliance with this requirement is the deployer’s responsibility. The organization must define appropriate policies, and implement the supplementary procedural controls. All implied technical requirements are satisfied by the PCF platform.

Details

policy and procedure


Control Description

The organization:

  1. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity]; and
  2. Reports findings to [Assignment: organization-defined personnel or roles].

Supplemental Guidance

Audit review, analysis, and reporting covers information security-related auditing performed by organizations including, for example, auditing that results from monitoring of account usage, remote access, wireless connectivity, mobile device connection, configuration settings, system component inventory, use of maintenance tools and nonlocal maintenance, physical access, temperature and humidity, equipment delivery and removal, communications at the information system boundaries, use of mobile code, and use of VoIP. Findings can be reported to organizational entities that include, for example, incident response team, help desk, information security group/department. If organizations are prohibited from reviewing and analyzing audit information or unable to conduct such activities (e.g., in certain national security applications or systems), the review/analysis may be carried out by other organizations granted such authority.