Skip to main content

πŸ’Ό AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING

  • Contextual name: πŸ’Ό AU-6 AUDIT REVIEW, ANALYSIS, AND REPORTING
  • ID: /frameworks/nist-sp-800-53-r4/au/06
  • Located in: πŸ’Ό AU AUDIT AND ACCOUNTABILITY

Description​

The organization: AU-6a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity]; and AU-6b. Reports findings to [Assignment: organization-defined personnel or roles].

Similar​

  • Internal
    • ID: dec-c-4db811b3

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.AE-2: Detected events are analyzed to understand attack targets and methods1922
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.AE-3: Event data are collected and correlated from multiple sources and sensors1922
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό DE.DP-4: Event detection information is communicated3033
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations1619
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy1720
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RS.AN-1: Notifications from detection systems are investigated1922
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RS.CO-2: Incidents are reported consistent with established criteria2023

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό AU-6 (1) PROCESS INTEGRATION
πŸ’Ό AU-6 (2) AUTOMATED SECURITY ALERTS
πŸ’Ό AU-6 (3) CORRELATE AUDIT REPOSITORIES
πŸ’Ό AU-6 (4) CENTRAL REVIEW AND ANALYSIS
πŸ’Ό AU-6 (5) INTEGRATION _ SCANNING AND MONITORING CAPABILITIES
πŸ’Ό AU-6 (6) CORRELATION WITH PHYSICAL MONITORING
πŸ’Ό AU-6 (7) PERMITTED ACTIONS
πŸ’Ό AU-6 (8) FULL TEXT ANALYSIS OF PRIVILEGED COMMANDS
πŸ’Ό AU-6 (9) CORRELATION WITH INFORMATION FROM NONTECHNICAL SOURCES
πŸ’Ό AU-6 (10) AUDIT LEVEL ADJUSTMENT

Policies (2)​

PolicyLogic CountFlags
πŸ“ AWS KMS Symmetric CMK Rotation is not enabled 🟒1🟒 x6
πŸ“ Azure Diagnostic Setting for Azure Key Vault is not enabled 🟒🟒 x3

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-4d6fee7a1
βœ‰οΈ dec-x-b2ce0ca11