Skip to main content

πŸ’Ό AU-13 Monitoring for Information Disclosure

  • Contextual name: πŸ’Ό AU-13 Monitoring for Information Disclosure
  • ID: /frameworks/nist-sp-800-53-r5/au/13
  • Located in: πŸ’Ό AU Audit And Accountability

Description​

a. Monitor [Assignment: organization-defined open-source information and/or information sites] [Assignment: organization-defined frequency] for evidence of unauthorized disclosure of organizational information; and b. If an information disclosure is discovered:

  1. Notify [Assignment: organization-defined personnel or roles]; and
  2. Take the following additional actions: [Assignment: organization-defined additional actions].

Similar​

  • Internal
    • ID: dec-c-512695e1

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό DE.CM-03: Personnel activity and technology usage are monitored to find potentially adverse events59
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό PR.DS-10: The confidentiality, integrity, and availability of data-in-use are protected67

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό AU-13(1) Monitoring for Information Disclosure _ Use of Automated Tools
πŸ’Ό AU-13(2) Monitoring for Information Disclosure _ Review of Monitored Sites
πŸ’Ό AU-13(3) Monitoring for Information Disclosure _ Unauthorized Replication of Information