πΌ AU-6 Audit Record Review, Analysis, and Reporting
- Contextual name: πΌ AU-6 Audit Record Review, Analysis, and Reporting
- ID:
/frameworks/nist-sp-800-53-r5/au/06
- Located in: πΌ AU Audit And Accountability
Descriptionβ
a. Review and analyze system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity] and the potential impact of the inappropriate or unusual activity;
b. Report findings to [Assignment: organization-defined personnel or roles]; and
c. Adjust the level of audit record review, analysis, and reporting within the system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.
Similarβ
Similar Sections (Give Policies To)β
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
| πΌ AU-6(1) Audit Record Review, Analysis, and Reporting _ Automated Process Integration | | 1 | 1 | |
| πΌ AU-6(2) Audit Record Review, Analysis, and Reporting _ Automated Security Alerts | | | | |
| πΌ AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories | | | 8 | |
| πΌ AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis | | | 8 | |
| πΌ AU-6(5) Audit Record Review, Analysis, and Reporting _ Integrated Analysis of Audit Records | | | | |
| πΌ AU-6(6) Audit Record Review, Analysis, and Reporting _ Correlation with Physical Monitoring | | | | |
| πΌ AU-6(7) Audit Record Review, Analysis, and Reporting _ Permitted Actions | | | | |
| πΌ AU-6(8) Audit Record Review, Analysis, and Reporting _ Full Text Analysis of Privileged Commands | | | | |
| πΌ AU-6(9) Audit Record Review, Analysis, and Reporting _ Correlation with Information from Nontechnical Sources | | | | |
| πΌ AU-6(10) Audit Record Review, Analysis, and Reporting _ Audit Level Adjustment | | | | |
Policies (2)β