Guidance for NIST 800-171 Assessment & Compliance

Zoom Window Out
Larger Text | Smaller Text
Hide Page Header
Show Expanding Text
Printable Version
Save Permalink URL

Navigation: AU-FAMILY: AUDIT AND ACCOUNTABILITY

AU-5(1) RESPONSE TO AUDIT PROCESSING FAILURES | AUDIT STORAGE CAPACITY

Scroll Prev Top Next More

Applicable

(Y)es / (N)o

(C)onfidentiality

(I)ntegrity

(A)vailability

RPN

(C+I+A)

(S)atisfactory

(O)ther than satisfactory +##

###

au-5(1)	response to audit processing failures \| audit storage capacity
	assessment objective: Determine if:
	au-5(1)[1]	the organization defines:
		au-5(1)[1][a]	personnel to be warned when allocated audit record storage volume reaches organization-defined percentage of repository maximum audit record storage capacity;
		au-5(1)[1][b]	roles to be warned when allocated audit record storage volume reaches organization-defined percentage of repository maximum audit record storage capacity; and/or
		au-5(1)[1][c]	locations to be warned when allocated audit record storage volume reaches organization-defined percentage of repository maximum audit record storage capacity;
	au-5(1)[2]	the organization defines the time period within which the information system is to provide a warning to the organization-defined personnel, roles, and/or locations when allocated audit record storage volume reaches the organization-defined percentage of repository maximum audit record storage capacity;
	au-5(1)[3]	the organization defines the percentage of repository maximum audit record storage capacity that, if reached, requires a warning to be provided; and
	au-5(1)[4]	the information system provides a warning to the organization-defined personnel, roles, and/or locations within the organization-defined time period when allocated audit record storage volume reaches the organization-defined percentage of repository maximum audit record storage capacity.
	potential assessment methods and objects: Examine: [select from: Audit and accountability policy; procedures addressing response to audit processing failures; information system design documentation; security plan; information system configuration settings and associated documentation; information system audit records; other relevant documents or records]. Interview: [select from: Organizational personnel with audit and accountability responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers]. Test: [select from: Automated mechanisms implementing audit storage limit warnings].

Hosted by ABCI Consultants for Information Security Management Systems | Implementations, Training and Assessments for Compliance | (800) 644-2056