πΌ AU-9 Protection of Audit Information (L)(M)(H)
- Contextual name: πΌ AU-9 Protection of Audit Information (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/au/09 - Located in: πΌ Audit and Accountability
Descriptionβ
a. Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and
b. Alert [Assignment: organization-defined personnel or roles] upon detection of unauthorized access, modification, or deletion of audit information.
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/au/09
- Internal
- ID:
dec-c-55f963cc
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ AU-9 Protection of Audit Information (L)(M)(H) | 3 | 8 | 10 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ AU-9(4) Access by Subset of Privileged Users (M)(H) |
Policies (10)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS CloudTrail is not encrypted with KMS CMK π’ | 1 | π’ x6 |
| π AWS CloudTrail Log File Validation is not enabled π’ | 1 | π’ x6 |
| π Azure Diagnostic Setting for Azure Key Vault is not enabled π’ | π’ x3 | |
| π Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Create Policy Assignment does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Delete Network Security Group does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Delete Security Solution does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Security Alert Notifications to subscription owners are not configured π’ | 1 | π’ x6 |