Navigate
AU-9
AU-9 Description
The information system protects audit information and audit tools from unauthorized access, modification, and deletion.
Supplemental
Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. This control focuses on technical protection of audit information. Physical protection of audit information is addressed by media protection controls and physical and environmental protection controls.
CIA Levels | |
---|---|
Confidentiality | low |
Integrity | low |
Availability | low |
Overlays |
---|
Privacy (High), Privacy (Low), Privacy (Mod), Privacy (PHI) |
Related Controls
The controls below (if any) were marked by NIST as being related to AU-9.
Enhancements
The controls below (if any) add on to the requirements of AU-9.
Related CCIs
The CCIs below are tied to AU-9.