💼 AU-6 Audit Record Review, Analysis, and Reporting
- ID:
/frameworks/nist-sp-800-53-r5/au/06
Stats
not available
Description
a. Review and analyze system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity] and the potential impact of the inappropriate or unusual activity; b. Report findings to [Assignment: organization-defined personnel or roles]; and c. Adjust the level of audit record review, analysis, and reporting within the system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.
Similar
- Internal
- ID:
dec-c-3ce33089
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H) | 6 | 21 | 42 | no data | |
| 💼 FedRAMP Low Security Controls → 💼 AU-6 Audit Record Review, Analysis, and Reporting (L)(M)(H) | 24 | no data | |||
| 💼 NIST CSF v2.0 → 💼 DE.AE-02: Potentially adverse events are analyzed to better understand associated activities | 51 | no data | |||
| 💼 NIST CSF v2.0 → 💼 DE.AE-03: Information is correlated from multiple sources | 66 | no data |
Sub Sections
Policies (2)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google Cloud Audit Logging is not configured properly🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GCE Network DNS Policy Logging is not enabled🟢 | 1 | 🟢 x6 | no data |