CCI-001897

Defines the subset of privileged users or roles who will be authorized read-only access to audit information.

Implementation Guidance

Determine if read-only access to audit information is authorized to [AU-09(06)_ODP; a subset of privileged users or roles with authorized read-only access to audit information is defined].

Validation Procedures

Examine: [SELECT FROM: Audit and accountability policy; system security plan; privacy plan; access control policy and procedures; procedures addressing protection of audit information; system design documentation; system configuration settings and associated documentation; system-generated list of privileged users with read-only access to audit information; access authorizations; access control list; system audit records; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with audit and accountability responsibilities; organizational personnel with information security and privacy responsibilities; system/network administrators]. Test: [SELECT FROM: Mechanisms managing access to audit information].

The controls below (if any) were marked by NIST as being related to CCI-001897.