💼 AC-2(4) Automated Audit Actions (M)(H)

• Contextual name: 💼 AC-2(4) Automated Audit Actions (M)(H)
• ID: /frameworks/fedramp-high-security-controls/ac/02/04
• Located in: 💼 AC-2 Account Management (L)(M)(H)

Description

Automatically audit account creation, modification, enabling, disabling, and removal actions.

Similar

• Sections
  • /frameworks/nist-sp-800-53-r5/ac/02/04
• Internal
  • ID: dec-c-69b1657c

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		11	13

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP Moderate Security Controls → 💼 AC-2(4) Automated Audit Actions (M)(H)			13

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (13)

Policy	Logic Count	Flags
📝 AWS Account IAM Access Analyzer is not enabled for all regions 🟢	1	🟢 x6
📝 AWS Account Multi-Region CloudTrail is not enabled 🟢	1	🟢 x6
📝 AWS CloudTrail Disable CMK or Schedule CMK Deletion Events Monitoring is not enabled 🟢		🟢 x3
📝 AWS CloudTrail IAM Policy Changes Monitoring is not enabled 🟢		🟢 x3
📝 AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢	1	🟢 x6
📝 AWS S3 Bucket Server Access Logging is not enabled 🟢	1	🟢 x6
📝 Azure Diagnostic Setting captures Administrative, Alert, Policy, and Security categories 🟢	1	🟢 x6
📝 Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests 🟢	1	🟢 x6
📝 Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Security Alert Notifications for alerts with High severity are not configured 🟢	1	🟢 x6
📝 Azure Subscription Security Alert Notifications to subscription owners are not configured 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-z-3f480eb5	1