zydronium/manage.get.gov

mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-05 01:11:55 +02:00

Add compliance documentation to source control (#116 )

* add initial setup of compliance-trestle

2022-09-14 08:46:43 -04:00

2.1 KiB

Raw Blame History

implementation-status

control-origination

c-not-implemented

c-inherited-cloud-gov

c-inherited-cisa

c-common-control

c-system-specific-control

au-12 - [catalog] Audit Record Generation

Control Statement

[a] Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2a on system components;
[b] Allow personnel or roles to select the event types that are to be logged by specific components of the system; and
[c] Generate audit records for the event types defined in AU-2c that include the audit record content defined in AU-3.

Control guidance

Audit records can be generated from many different system components. The event types specified in AU-2d are the event types for which audit logs are to be generated and are a subset of all event types for which the system can generate audit records.

Control assessment-objective

audit record generation capability for the event types the system is capable of auditing (defined in AU-02_ODP[01]) is provided by system components; personnel or roles is/are allowed to select the event types that are to be logged by specific components of the system; audit records for the event types defined in AU-02_ODP[02] that include the audit record content defined in AU-03 are generated.

What is the solution and how is it implemented?

Implementation a.

Add control implementation description here for item au-12_smt.a

Implementation b.

Add control implementation description here for item au-12_smt.b

Implementation c.

Add control implementation description here for item au-12_smt.c

2.1 KiB Raw Blame History