Navigate

CCI-000154

CCI-000154 Definition

Provide the capability to centrally review and analyze audit records from multiple components within the system.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if: - the capability to centrally review and analyze audit records from multiple components within the system is provided. - the capability to centrally review and analyze audit records from multiple components within the system is implemented.

Validation Procedures

Examine: [SELECT FROM: Audit and accountability policy; procedures addressing audit review, analysis, and reporting; system design documentation; system configuration settings and associated documentation; system security plan; privacy plan; system audit records; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with audit review, analysis, and reporting responsibilities; organizational personnel with information security and privacy responsibilities; system developers]. Test: [SELECT FROM: System capability to centralize review and analysis of audit records].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000154.

Control	Description
AU-6(4)	Provide and implement the capability to centrally review and analyze audit records from multiple components within the system.