The organization specifies the permitted actions for each [one or more of information system process/role/user] associated with the review, analysis, and reporting of audit information.
Supplemental
Organizations specify permitted actions for information system processes, roles, and/or users associated with the review, analysis, and reporting of audit records through account management techniques. Specifying permitted actions on audit information is a way to enforce the principle of least privilege. Permitted actions are enforced by the information system and include, for example, read, write, execute, append, and delete.