Skip to main content

💼 AC-2(4) Automated Audit Actions (M)(H)

  • ID: /frameworks/fedramp-high-security-controls/ac/02/04

Description

Automatically audit account creation, modification, enabling, disabling, and removal actions.

Similar

  • Sections
    • /frameworks/nist-sp-800-53-r5/ac/02/04
  • Internal
    • ID: dec-c-69b1657c

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions1416no data

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 FedRAMP Moderate Security Controls → 💼 AC-2(4) Automated Audit Actions (M)(H)16no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (16)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account IAM Access Analyzer is not enabled for all regions🟢1🟢 x6no data
🛡️ AWS Account Multi-Region CloudTrail is not enabled🟢1🟢 x6no data
🛡️ AWS CloudFront Distribution Logging is not enabled🟢1🟢 x6no data
🛡️ AWS CloudTrail Disable CMK or Schedule CMK Deletion Events Monitoring is not enabled🟢⚪🟢 x2, ⚪ x1no data
🛡️ AWS CloudTrail IAM Policy Changes Monitoring is not enabled🟢⚪🟢 x2, ⚪ x1no data
🛡️ AWS CloudTrail S3 Bucket Access Logging is not enabled.🟢1🟢 x6no data
🛡️ AWS DMS Migration Task Logging is not enabled🟢1🟢 x6no data
🛡️ AWS EKS Cluster Logging is not enabled for all control plane logs types🟢1🟢 x6no data
🛡️ AWS S3 Bucket Server Access Logging is not enabled🟢1🟢 x6no data
🛡️ Azure Diagnostic Setting captures Administrative, Alert, Policy, and Security categories🟢1🟢 x6no data
🛡️ Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests🟢1🟢 x6no data
🛡️ Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests🟢1🟢 x6no data
🛡️ Azure Subscription Activity Log Alert for Create Policy Assignment does not exist🟢1🟢 x6no data
🛡️ Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist🟢1🟢 x6no data
🛡️ Azure Subscription Security Alert Notifications for alerts with High or Critical severity are not configured🟢1🟢 x6no data
🛡️ Azure Subscription Security Alert Notifications to subscription owners are not configured🟢1🟢 x6no data