💼 AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING
- ID:
/frameworks/nist-sp-800-53-r4/au/06
Description
The organization: AU-6a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity]; and AU-6b. Reports findings to [Assignment: organization-defined personnel or roles].
Similar
- Internal
- ID:
dec-c-4db811b3
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 DE.AE-2: Detected events are analyzed to understand attack targets and methods | 18 | 23 | no data | ||
| 💼 NIST CSF v1.1 → 💼 DE.AE-3: Event data are collected and correlated from multiple sources and sensors | 18 | 37 | no data | ||
| 💼 NIST CSF v1.1 → 💼 DE.DP-4: Event detection information is communicated | 29 | 32 | no data | ||
| 💼 NIST CSF v1.1 → 💼 ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations | 15 | 19 | no data | ||
| 💼 NIST CSF v1.1 → 💼 PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy | 16 | 32 | no data | ||
| 💼 NIST CSF v1.1 → 💼 RS.AN-1: Notifications from detection systems are investigated | 18 | 23 | no data | ||
| 💼 NIST CSF v1.1 → 💼 RS.CO-2: Incidents are reported consistent with established criteria | 19 | 22 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 AU-6 (1) PROCESS INTEGRATION | no data | ||||
| 💼 AU-6 (2) AUTOMATED SECURITY ALERTS | no data | ||||
| 💼 AU-6 (3) CORRELATE AUDIT REPOSITORIES | no data | ||||
| 💼 AU-6 (4) CENTRAL REVIEW AND ANALYSIS | no data | ||||
| 💼 AU-6 (5) INTEGRATION _ SCANNING AND MONITORING CAPABILITIES | no data | ||||
| 💼 AU-6 (6) CORRELATION WITH PHYSICAL MONITORING | no data | ||||
| 💼 AU-6 (7) PERMITTED ACTIONS | no data | ||||
| 💼 AU-6 (8) FULL TEXT ANALYSIS OF PRIVILEGED COMMANDS | no data | ||||
| 💼 AU-6 (9) CORRELATION WITH INFORMATION FROM NONTECHNICAL SOURCES | no data | ||||
| 💼 AU-6 (10) AUDIT LEVEL ADJUSTMENT | no data |
Policies (2)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS KMS Symmetric CMK Rotation is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Diagnostic Setting for Azure Key Vault is not enabled🟢⚪ | 🟢 x2, ⚪ x1 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-4d6fee7a | 1 | |
| ✉️ dec-x-b2ce0ca1 | 1 |