Navigate

CCI-001491

CCI-001491 Definition

The organization correlates information from audit records with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed will document and implement a process to correlate information from audit records with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process and correlated results to ensure the organization being inspected/assessed correlates information from audit records with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity.

Compelling Evidence

1.) Signed and dated audit and accountability policy 2.) Audit trail

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001491.

Control	Description
AU-6 (6)	The organization correlates information from audit records with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity.