AU-06 Audit Monitoring, Analysis, And Reporting

Audit and Accountability

Low Moderate High

Description

The organization regularly reviews/analyzes information system audit records for indications of inappropriate or unusual activity, investigates suspicious activity or suspected violations, reports findings to appropriate officials, and takes necessary actions.

Supplemental Guidance

Organizations increase the level of audit monitoring and analysis activity within the information system whenever there is an indication of increased risk to organizational operations, organizational assets, or individuals based on law enforcement information, intelligence information, or other credible sources of information.

Changes from Rev 4

Adds control text regarding inclusion of the potential impact of the inappropriate or unusual activity when reviewing audit records, as well as adjusting the level or focus of review based on threat or other information. Incorporates withdrawn control AU-6(10).

Enhancements


Compliance Mappings

ISO 27002:2022

8.15

COBIT 2019

DSS06.05

CIS Controls v8

13.1, 3.14, 8.1, 8.12, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 8.8, 8.9

NIST CSF 2.0

DE.AE-03, DE.AE-06

SOC 2 TSC

CC7.2, CC7.2-POF1, CC7.3

ISO 17799 (legacy)

10.10.2, 10.10.4, 13.2.1

COBIT 4.1 (legacy)

DS5.5