💼 AU-9 Protection of Audit Information (L)(M)(H)

• ID: /frameworks/fedramp-moderate-security-controls/au/09

Description

a. Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and

b. Alert [Assignment: organization-defined personnel or roles] upon detection of unauthorized access, modification, or deletion of audit information.

Similar

• Sections
  • /frameworks/fedramp-high-security-controls/au/09
• Internal
  • ID: dec-c-55f963cc

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP High Security Controls → 💼 AU-9 Protection of Audit Information (L)(M)(H)	3	8	11		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 AU-9(4) Access by Subset of Privileged Users (M)(H)					no data

Policies (10)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudTrail is not encrypted with KMS CMK🟢	1	🟢 x6	no data
🛡️ AWS CloudTrail Log File Validation is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Diagnostic Setting for Azure Key Vault is not enabled🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Security Solution does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Security Alert Notifications to subscription owners are not configured🟢	1	🟢 x6	no data