Description
The information system produces audit records that contain sufficient information to establish what events occurred, the sources of the events, and the outcomes of the events.\n
Supplemental Guidance
Audit record content includes, for most audit records: (i) date and time of the event; (ii) the component of the information system (e.g., software component, hardware component) where the event occurred; (iii) type of event; (iv) user/subject identity; and (v) the outcome (success or failure) of the event. NIST Special Publication 800-92 provides guidance on computer security log management.\n
Enhancements
\n
Compliance Mappings
ISO 27002:2022
8.15
CIS Controls v8
3.148.28.5
NIST CSF 2.0
PR.PS-04
SOC 2 TSC
PI1.4
ISO 17799 (legacy)
10.10.110.10.4
COBIT 4.1 (legacy)
None.