Navigate

CCI-000126

CCI-000126 Definition

Specify the organization-defined event types (subset of the event types defined in AU-2a) along with the frequency of (or situation requiring logging for each identified event type.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000126.

Control	Description
AU-2	The organization: a: Determines that the information system is capable of auditing the following events: [one of ]; b: Coordinates the security audit function with other organizational entities requiring audit-related information to enhance mutual support and to help guide the selection of auditable events; c: Provides a rationale for why the auditable events are deemed to be adequate to support after-the-fact investigations of security incidents; and d: Determines that the following events are to be audited within the information system: [one of ].

Control

Description

AU-2

The organization:

a: Determines that the information system is capable of auditing the following events: [one of ];

b: Coordinates the security audit function with other organizational entities requiring audit-related information to enhance mutual support and to help guide the selection of auditable events;

c: Provides a rationale for why the auditable events are deemed to be adequate to support after-the-fact investigations of security incidents; and

d: Determines that the following events are to be audited within the information system: [one of ].