💼 AU-9 Protection of Audit Information (L)(M)(H)

Description

a. Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and

b. Alert [Assignment: organization-defined personnel or roles] upon detection of unauthorized access, modification, or deletion of audit information.

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AU-9 Protection of Audit Information	7	2	5		no data

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP Low Security Controls → 💼 AU-9 Protection of Audit Information (L)(M)(H)			10		no data
💼 FedRAMP Moderate Security Controls → 💼 AU-9 Protection of Audit Information (L)(M)(H)	1		10		no data

Section	Policies	Compliance
💼 AU-9(2) Store on Separate Physical Systems or Components (H)	1	no data
💼 AU-9(3) Cryptographic Protection (H)		no data
💼 AU-9(4) Access by Subset of Privileged Users (M)(H)		no data

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudTrail is not encrypted with KMS CMK🟢	1	🟢 x6	no data
🛡️ AWS CloudTrail Log File Validation is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Diagnostic Setting for Azure Key Vault is not enabled🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Security Solution does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Security Alert Notifications to subscription owners are not configured🟢	1	🟢 x6	no data