Navigate

CCI-001577

CCI-001577 Definition

The organization defines the information system components from which audit records are to be compiled into the system-wide audit trail.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed will define and document the information system components from which audit records are to be compiled into the system-wide audit trail. The organization will periodically update this list to ensure it is current. DoD has determined the information system components are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the system-wide audit trail documentation to ensure the organization being inspected/assessed maintains a current list of information system components. DoD has determined the information system components are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated audit and accountability policy 2.) Applicable STIG/SRG checks

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001577.

Control	Description
AU-12 (1)	The information system compiles audit records from [Assignment: organization-defined information system components] into a system-wide (logical or physical) audit trail that is time-correlated to within [Assignment: organization-defined level of tolerance for the relationship between time stamps of individual records in the audit trail].