| ๐ผ AU-1 Policy and Procedures (L)(M)(H) | | | | |
| ๐ผ AU-2 Event Logging (L)(M)(H) | | | 6 | |
| ๐ผ AU-3 Content of Audit Records (L)(M)(H) | 1 | | 6 | |
| ย ย ย ย ๐ผ AU-3(1) Additional Audit Information (M)(H) | | | 14 | |
| ๐ผ AU-4 Audit Log Storage Capacity (L)(M)(H) | | | | |
| ๐ผ AU-5 Response to Audit Logging Process Failures (L)(M)(H) | 2 | | | |
| ย ย ย ย ๐ผ AU-5(1) Storage Capacity Warning (H) | | | | |
| ย ย ย ย ๐ผ AU-5(2) Real-time Alerts (H) | | | | |
| ๐ผ AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H) | 6 | 21 | 23 | |
| ย ย ย ย ๐ผ AU-6(1) Automated Process Integration (M)(H) | | | 1 | |
| ย ย ย ย ๐ผ AU-6(3) Correlate Audit Record Repositories (M)(H) | | | 6 | |
| ย ย ย ย ๐ผ AU-6(4) Central Review and Analysis (H) | | | 6 | |
| ย ย ย ย ๐ผ AU-6(5) Integrated Analysis of Audit Records (H) | | | | |
| ย ย ย ย ๐ผ AU-6(6) Correlation with Physical Monitoring (H) | | | | |
| ย ย ย ย ๐ผ AU-6(7) Permitted Actions (H) | | | | |
| ๐ผ AU-7 Audit Record Reduction and Report Generation (M)(H) | 1 | | | |
| ย ย ย ย ๐ผ AU-7(1) Automatic Processing (M)(H) | | | 1 | |
| ๐ผ AU-8 Time Stamps (L)(M)(H) | | | | |
| ๐ผ AU-9 Protection of Audit Information (L)(M)(H) | 3 | 9 | 11 | |
| ย ย �ย ย ๐ผ AU-9(2) Store on Separate Physical Systems or Components (H) | | | | |
| ย ย ย ย ๐ผ AU-9(3) Cryptographic Protection (H) | | | | |
| ย ย ย ย ๐ผ AU-9(4) Access by Subset of Privileged Users (M)(H) | | | | |
| ๐ผ AU-10 Non-repudiation (H) | | | 5 | |
| ๐ผ AU-11 Audit Record Retention (L)(M)(H) | | 17 | 19 | |
| ๐ผ AU-12 Audit Record Generation (L)(M)(H) | 2 | | 47 | |
| ย ย ย ย ๐ผ AU-12(1) System-wide and Time-correlated Audit Trail (H) | | | | |
| ย ย ย ย ๐ผ AU-12(3) Changes by Authorized Individuals (H) | | | | |