Skip to main content

💼 AU-2 AUDIT EVENTS

Description

The organization: AU-2a. Determines that the information system is capable of auditing the following events: [Assignment: organization-defined auditable events]; AU-2b. Coordinates the security audit function with other organizational entities requiring audit-related information to enhance mutual support and to help guide the selection of auditable events; AU-2c. Provides a rationale for why the auditable events are deemed to be adequate to support after-the-fact investigations of security incidents; and AU-2d. Determines that the following events are to be audited within the information system: [Assignment: organization-defined audited events (the subset of the auditable events defined in AU-2 a.) along with the frequency of (or situation requiring) auditing for each identified event].

Similar

  • Internal
    • ID: dec-c-7091dbbd

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST CSF v1.1 → 💼 ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations1519
💼 NIST CSF v1.1 → 💼 PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy1632

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags
💼 AU-2 (1) COMPILATION OF AUDIT RECORDS FROM MULTIPLE SOURCES
💼 AU-2 (2) SELECTION OF AUDIT EVENTS BY COMPONENT
💼 AU-2 (3) REVIEWS AND UPDATES
💼 AU-2 (4) PRIVILEGED FUNCTIONS

Policies (4)

PolicyLogic CountFlags
📝 AWS CloudFront Distribution Logging is not enabled 🟢1🟢 x6
📝 AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢1🟢 x6
📝 AWS S3 Bucket Server Access Logging is not enabled 🟢1🟢 x6
📝 AWS VPC Flow Logs are not enabled 🟢1🟠 x1, 🟢 x5

Internal Rules

RulePoliciesFlags
✉️ dec-x-9c0416671
✉️ dec-x-a5c2acfe1
✉️ dec-x-e00143332