Navigate

AU-9(6)

AU-9(6): Read Only Access

The organization authorizes read-only access to audit information to [organization-defined subset of privileged users].

Supplemental

Restricting privileged user authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users (e.g., deleting audit records to cover up malicious activity).

CIA Levels
Confidentiality	unknown
Integrity	high
Availability	high

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AU-9(6).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of AU-9(6).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AU-9(6).

CCI	Definition
CCI-001897	Defines the subset of privileged users or roles who will be authorized read-only access to audit information.
CCI-001898	Authorize read-only access to audit information to an organization-defined subset of privileged users or roles.