Navigate
AU-4
AU-4 Description
The organization allocates audit record storage capacity in accordance with [Assignment: organization-defined audit record storage requirements].
Supplemental
Organizations consider the types of auditing to be performed and the audit processing requirements when allocating audit storage capacity. Allocating sufficient audit storage capacity reduces the likelihood of such capacity being exceeded and resulting in the potential loss or reduction of auditing capability.
CIA Levels | |
---|---|
Confidentiality | unknown |
Integrity | unknown |
Availability | low |
Overlays |
---|
Privacy (High), Privacy (Mod), Privacy (PHI) |
Related Controls
The controls below (if any) were marked by NIST as being related to AU-4.
Enhancements
The controls below (if any) add on to the requirements of AU-4.
Control | Description |
---|---|
AU-4 (1) | The information system off-loads audit records [Assignment: organization-defined frequency] onto a different system or media than the system being audited. |
Related CCIs
The CCIs below are tied to AU-4.