Navigate

• Top
• Description
• Related
• Enhancements
• CCIs

RA-5 (8)

RA-5 (8): Review Historic Audit Logs

The organization reviews historic audit logs to determine if a vulnerability identified in the information system has been previously exploited.

Supplemental

None

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

Related Controls

The controls below (if any) were marked by NIST as being related to RA-5 (8).

Control	Description
AU-6	The organization: AU-6a.: Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity]; and AU-6b.: Reports findings to [Assignment: organization-defined personnel or roles].

Enhancements

The controls below (if any) add on to the requirements of RA-5 (8).

Control	Description
No controls

Related CCIs

The CCIs below are tied to RA-5 (8).

CCI	Definition
CCI-001071	The organization reviews historic audit logs to determine if a vulnerability identified in the information system has been previously exploited.