💼 AU-9 Protection of Audit Information (L)(M)(H)

• Contextual name: 💼 AU-9 Protection of Audit Information (L)(M)(H)
• ID: /frameworks/fedramp-moderate-security-controls/au/09
• Located in: 💼 Audit and Accountability

Description

a. Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and

b. Alert [Assignment: organization-defined personnel or roles] upon detection of unauthorized access, modification, or deletion of audit information.

Similar

• Sections
  • /frameworks/fedramp-high-security-controls/au/09
• Internal
  • ID: dec-c-55f963cc

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 AU-9 Protection of Audit Information (L)(M)(H)	3	9	11

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AU-9(4) Access by Subset of Privileged Users (M)(H)

Policies (11)

Policy	Logic Count	Flags
📝 AWS Account Multi-Region CloudTrail is not enabled 🟢	1	🟢 x6
📝 AWS CloudTrail is not encrypted with KMS CMK 🟢	1	🟢 x6
📝 AWS CloudTrail Log File Validation is not enabled 🟢	1	🟢 x6
📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢		🟢 x3
📝 Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Security Solution does not exist 🟢	1	🟢 x6
📝 Azure Subscription Security Alert Notifications to subscription owners are not configured 🟢	1	🟢 x6