| 💼 AU-1 Policy and Procedures (L)(M)(H) | | | | |
| 💼 AU-2 Event Logging (L)(M)(H) | | | 17 | |
| 💼 AU-3 Content of Audit Records (L)(M)(H) | 1 | | 14 | |
|     💼 AU-3(1) Additional Audit Information (M)(H) | | | 14 | |
| 💼 AU-4 Audit Log Storage Capacity (L)(M)(H) | | | | |
| 💼 AU-5 Response to Audit Logging Process Failures (L)(M)(H) | 2 | | | |
|     💼 AU-5(1) Storage Capacity Warning (H) | | | | |
|     💼 AU-5(2) Real-time Alerts (H) | | | | |
| 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H) | 6 | 20 | 24 | |
|     💼 AU-6(1) Automated Process Integration (M)(H) | | | 1 | |
|     💼 AU-6(3) Correlate Audit Record Repositories (M)(H) | | | 8 | |
|     💼 AU-6(4) Central Review and Analysis (H) | | | 8 | |
|     💼 AU-6(5) Integrated Analysis of Audit Records (H) | | | | |
|     💼 AU-6(6) Correlation with Physical Monitoring (H) | | | | |
|     💼 AU-6(7) Permitted Actions (H) | | | | |
| 💼 AU-7 Audit Record Reduction and Report Generation (M)(H) | 1 | | 17 | |
|     💼 AU-7(1) Automatic Processing (M)(H) | | | 1 | |
| 💼 AU-8 Time Stamps (L)(M)(H) | | | | |
| 💼 AU-9 Protection of Audit Information (L)(M)(H) | 3 | 8 | 10 | |
|     💼 AU-9(2) Store on Separate Physical Systems or Components (H) | | | | |
|     💼 AU-9(3) Cryptographic Protection (H) | | | | |
|     💼 AU-9(4) Access by Subset of Privileged Users (M)(H) | | | | |
| 💼 AU-10 Non-repudiation (H) | | | 7 | |
| 💼 AU-11 Audit Record Retention (L)(M)(H) | | 16 | 18 | |
| 💼 AU-12 Audit Record Generation (L)(M)(H) | 2 | | 65 | |
|     💼 AU-12(1) System-wide and Time-correlated Audit Trail (H) | | | | |
|     💼 AU-12(3) Changes by Authorized Individuals (H) | | | | |