Navigate

CCI-001351

CCI-001351 Definition

The organization authorizes access to management of audit functionality to only an organization-defined subset of privileged users.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed authorizes access to the management of audit functionality to only the subset of privileged users defined in AU-9 (4), CCI 1894.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documentation of access authorizations for the management of audit functionality to ensure only the subset of privileged users defined in AU-9 (4), CCI 1894 have been granted access authorization.

Compelling Evidence

1.) List of privileged users who will be authorized access to the management of audit functionality

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001351.

Control	Description
AU-9 (4)	The organization authorizes access to management of audit functionality to only [Assignment: organization-defined subset of privileged users].