Skip to main content

πŸ’Ό AU-2 AUDIT EVENTS

Description​

The organization: AU-2a. Determines that the information system is capable of auditing the following events: [Assignment: organization-defined auditable events]; AU-2b. Coordinates the security audit function with other organizational entities requiring audit-related information to enhance mutual support and to help guide the selection of auditable events; AU-2c. Provides a rationale for why the auditable events are deemed to be adequate to support after-the-fact investigations of security incidents; and AU-2d. Determines that the following events are to be audited within the information system: [Assignment: organization-defined audited events (the subset of the auditable events defined in AU-2 a.) along with the frequency of (or situation requiring) auditing for each identified event].

Similar​

  • Internal
    • ID: dec-c-7091dbbd

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations1619
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy1720

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό AU-2 (1) COMPILATION OF AUDIT RECORDS FROM MULTIPLE SOURCES
πŸ’Ό AU-2 (2) SELECTION OF AUDIT EVENTS BY COMPONENT
πŸ’Ό AU-2 (3) REVIEWS AND UPDATES
πŸ’Ό AU-2 (4) PRIVILEGED FUNCTIONS

Policies (3)​

PolicyLogic CountFlags
πŸ“ AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟒1🟒 x6
πŸ“ AWS S3 Bucket Server Access Logging is not enabled 🟒1🟒 x6
πŸ“ AWS VPC Flow Logs are not enabled 🟒1🟠 x1, 🟒 x5

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-9c0416671
βœ‰οΈ dec-x-e00143332