Guidance for NIST 800-171 Assessment & Compliance
Table E-3: Tailoring Actions for Audit and Accountability Controls
NIST SP 800-53 MODERATE BASELINE SECURITY CONTROLS |
TAILORING |
|
AU-1 |
Audit and Accountability Policy and Procedures |
NFO |
AU-2 |
Audit Events |
CUI |
AU-2(3) |
AUDIT EVENTS | REVIEWS AND UPDATES |
CUI |
AU-3 |
Content of Audit Records |
CUI |
AU-3(1) |
CONTENT OF AUDIT RECORDS | ADDITIONAL AUDIT INFORMATION |
CUI |
AU-4 |
Audit Storage Capacity |
NCO |
AU-5 |
Response to Audit Processing Failures |
CUI |
AU-6 |
Audit Review, Analysis, and Reporting |
CUI |
AU-6(1) |
AUDIT REVIEW, ANALYSIS, AND REPORTING | PROCESS INTEGRATION |
NCO |
AU-6(3) |
AUDIT REVIEW, ANALYSIS, AND REPORTING | CORRELATE AUDIT REPOSITORIES |
CUI |
AU-7 |
Audit Reduction and Report Generation |
CUI |
AU-7(1) |
AUDIT REDUCTION AND REPORT GENERATION | AUTOMATIC PROCESSING |
NCO |
AU-8 |
Time Stamps |
CUI |
AU-8(1) |
TIME STAMPS | SYNCHRONIZATION WITH AUTHORITATIVE TIME SOURCE |
CUI |
AU-9 |
Protection of Audit Information |
CUI |
AU-9(4) |
PROTECTION OF AUDIT INFORMATION | ACCESS BY SUBSET OF PRIVILEGED USERS |
CUI |
AU-11 |
Audit Record Retention |
NCO |
AU-12 |
Audit Generation |
CUI |
