Show/Hide Toolbars

ABCI Consultants

Guidance for NIST 800-171 Assessment & Compliance

Navigation: AU-FAMILY: AUDIT AND ACCOUNTABILITY

AU-5(2) RESPONSE TO AUDIT PROCESSING FAILURES  |  REAL-TIME ALERTS
Scroll Prev Top Next More

Applicable

(Y)es / (N)o

(C)onfidentiality

(I)ntegrity

(A)vailability

RPN

(C+I+A)

(S)atisfactory

L1

M2

H3

L1

M2

H3

L1

M2

H3

(O)ther than satisfactory +##

 

 

 

 

 

 

 

 

 

 

 

 

###

au-5(2)

response to audit processing failures  | real-time alerts

 

assessment objective:

Determine if:

au-5(2)[1]    

the organization defines audit failure events requiring real-time alerts;

au-5(2)[2]

the organization defines:

au-5(2)[2][a]

personnel to be alerted when organization-defined audit failure events requiring real-time alerts occur;

au-5(2)[2][b]

roles to be alerted when organization-defined audit failure events requiring real-time alerts occur; and/or

au-5(2)[2][c]

locations to be alerted when organization-defined audit failure events requiring real-time alerts occur;

au-5(2)[3]

the organization defines the real-time period within which the information system is to provide an alert to the organization-defined personnel, roles, and/or locations when the organization-defined audit failure events requiring real-time alerts occur; and

au-5(2)[4]

the information system provides an alert within the organization-defined real-time period to the organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

potential assessment methods and objects:

Examine: [select from: Audit and accountability policy; procedures addressing response to audit processing failures; information system design documentation; security plan; information system configuration settings and associated documentation; records of notifications or real-time alerts when audit processing failures occur; information system audit records; other relevant documents or records].

Interview: [select from: Organizational personnel with audit and accountability responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers].

Test: [select from: Automated mechanisms implementing real-time audit alerts when organization-defined audit failure events occur].

 

Hosted by ABCI Consultants for Information Security Management Systems | Implementations, Training and Assessments for Compliance | (800) 644-2056