💼 AU-6 Audit Record Review, Analysis, and Reporting

• Contextual name: 💼 AU-6 Audit Record Review, Analysis, and Reporting
• ID: /frameworks/nist-sp-800-53-r5/au/06
• Located in: 💼 AU Audit And Accountability

Description

a. Review and analyze system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity] and the potential impact of the inappropriate or unusual activity; b. Report findings to [Assignment: organization-defined personnel or roles]; and c. Adjust the level of audit record review, analysis, and reporting within the system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.

Similar

• Internal
  • ID: dec-c-3ce33089

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H)	6	20	30
💼 FedRAMP Low Security Controls → 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H)			24
💼 NIST CSF v2.0 → 💼 DE.AE-02: Potentially adverse events are analyzed to better understand associated activities			31
💼 NIST CSF v2.0 → 💼 DE.AE-03: Information is correlated from multiple sources			46

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AU-6(1) Audit Record Review, Analysis, and Reporting _ Automated Process Integration		1	1
💼 AU-6(2) Audit Record Review, Analysis, and Reporting _ Automated Security Alerts
💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			8
💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			8
💼 AU-6(5) Audit Record Review, Analysis, and Reporting _ Integrated Analysis of Audit Records
💼 AU-6(6) Audit Record Review, Analysis, and Reporting _ Correlation with Physical Monitoring
💼 AU-6(7) Audit Record Review, Analysis, and Reporting _ Permitted Actions
💼 AU-6(8) Audit Record Review, Analysis, and Reporting _ Full Text Analysis of Privileged Commands
💼 AU-6(9) Audit Record Review, Analysis, and Reporting _ Correlation with Information from Nontechnical Sources
💼 AU-6(10) Audit Record Review, Analysis, and Reporting _ Audit Level Adjustment

Policies (2)

Policy	Logic Count	Flags
📝 Google Cloud Audit Logging is not configured properly 🟢	1	🟢 x6
📝 Google GCE Network DNS Policy Logging is not enabled 🟢	1	🟢 x6