AU-06 Audit Monitoring, Analysis, And Reporting

Audit and Accountability

Low Moderate High

Description

The organization regularly reviews/analyzes information system audit records for indications of inappropriate or unusual activity, investigates suspicious activity or suspected violations, reports findings to appropriate officials, and takes necessary actions.

Supplemental Guidance

Organizations increase the level of audit monitoring and analysis activity within the information system whenever there is an indication of increased risk to organizational operations, organizational assets, or individuals based on law enforcement information, intelligence information, or other credible sources of information.

Changes from Rev 4

Adds control text requiring that the potential impact of inappropriate or unusual activity be considered when reviewing audit records, and that the level or focus of review be adjusted based on threat or other information. Incorporates withdrawn control AU-06(10).

Compliance Mappings

ISO 27001:2022

7.5, 9.2, A.5.28, A.5.36, A.8.15, A.8.16, A.8.34

ISO 27002:2022

5.28, 5.36, 8.15, 8.16, 8.34

COBIT 2019

DSS06, MEA01, MEA02

CIS Controls v8

CIS 12.5, CIS 13, CIS 13.1, CIS 13.11, CIS 8, CIS 8.11, CIS 8.9

NIST CSF 2.0

DE.AE-02, DE.AE-03, DE.AE-04, DE.AE-06, DE.CM-01, DE.CM-03, DE.CM-09, PR.PS-04, RS.AN-03

SOC 2 TSC

CC7.2, CC7.2-POF1, CC7.3

PCI DSS v4.0.1

10.4, 11.5

CSA CCM v4

AA-05, LOG-03, LOG-04, LOG-05, LOG-13, SEF-06

CSA AICM v1

A&A-05, AIS-12, LOG-03, LOG-04, LOG-05, LOG-13, LOG-14, MDS-05, SEF-06

FINOS CCC

CCC-C04, CCC-C08, CCC-C17

ISO 42001:2023

A.6.2.6, A.6.2.8

IEC 62443

3-3 SR 6.1

PRA Operational Resilience

SS2/21-15.1

MAS TRM

12

APRA CPS 234

Para 22-23

BSI IT-Grundschutz

DER.1, OPS.1.1.5

ANSSI

Hygiene.29, Hygiene.39, SecNumCloud.13.7, SecNumCloud.17.1

FINMA Circular 2023/1

IV.C(66), IV.C(67), IV.C(68), IV.C(69)

OSFI B-13

B-13.3.3

EU GDPR

Art.32(1)(d), Art.33(3)(d)

EU DORA

Art.10(1), Art.10(2)

BIO2

5.28, 5.36, 8.15, 8.16, 8.34

RBI CSF

Annex1.16, Annex1.20, Annex1.22

FISC Security Guidelines

FISC.O11, FISC.O2

LGPD + BCB 4893

BCB.Art.6, BCB.Art.8, LGPD.Art.48

HKMA TM-E-1

TME1.2.6, TME1.5.2, TME1.7.5

MLPS 2.0

8.1.3.5, 8.1.4.3, 8.1.5.2, 8.1.5.4

DNB Good Practice

DNB.16.1

EU CRA

CRA.I.2d, CRA.I.2l

SWIFT CSCF

SWIFT.2.9, SWIFT.6.4

SAMA CSF

1.9, 3.6

NCA ECC

1-8, 2-12

UAE IA

T11, T7

CBB TM

TM-12, TM-13, TM-16

Qatar NIA

IMOS

CBUAE

CR-3

CBE CSF

CD-1

SA JS2

JS2-7.3, JS2-9

CBN CSF

Part3.5, Part9

BoG CISD

CISD-IV, CISD-VII

POPIA

s19, s22, s73-99

BoM CTRM

1.5, 4.2, 5.1

IOSCO Cyber Resilience

DET-1, DET-2, DET-4

BCBS 239

Principle 10, Principle 12, Principle 7

CPMI-IOSCO PFMI

CG.DE, PFMI.P17

FFIEC IS

II.C.15, II.C.18, II.D, III.B, III.C, IV.A.4

NYDFS 500

500.14, 500.17, 500.6

HIPAA Security Rule

§164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.308(a)(6)(ii), §164.312(b)

ECB CROE

CROE.2.4

EBA ICT Guidelines

3.4.5, 3.5(c), 3.8(c)

SEBI CSCRF

AUDIT, DE.AU, DE.CM, RS.AN, SOC

BOT Cyber Resilience

Ch3.1, Ch6.1, Ch8.2

CMMC 2.0

AU

NERC CIP

CIP-007-6, CIP-015-1

10 CFR 73.54

RG5.71-A-AU

TSA Pipeline SD

SD-2 Sec C

IEEE 1686-2022

5.2

FERC CIP Orders

Order 881

DOE C2M2 v2.1

SITUATION

API 1164

Sec 9

AWIA

AWWA Sec 5

IAEA NSS 17-T

Sec 5.5

PCI PTS v6

L

CBEST

CBEST.5

TIBER-EU

TIBER.BT

PCI HSM

108

Common Criteria

CC Part 2 — FAU

ISAE 3402

Clause 10, Clause 4, Clause 6

Solvency II

Art.46, EIOPA-ICT-4.9

Lloyd's Minimum Standards

MS2.1, MS5.1, MS8.12, MS8.5

NAIC Insurance Data Security

4-audit4B56-a

PRA SS1/23

P-IT.2, P3.4, P3.6, P4.5, P5.2

FCA SYSC 13

SYSC 13.7.5

HITRUST CSF v11

09.g, 11.b

FDA 21 CFR Part 11

§11.10(e)

FDA Cybersecurity Guidance

SA-5

ISO 27799

12.4, 9.2

CCSS v9.0

1.02.8, 2.01.3, 2.03.1, 2.03.2, 2.04.2, 2.04.3

MiCA

Art.62(8), Art.88(1), Art.92(1)

Basel SCO60

SCO60.13, SCO60.23, SCO60.55, SCO60.72, SCO60.73, SCO60.74

BSSC Standards

NOS-06, GSP-12

SEC Custody (Digital Assets)

SEC-CD-11, SEC-CD-14, SEC-CD-15, SEC-CD-16, SEC-CD-18, SEC-CD-20

ISO 17799 (legacy)

10.10.2, 10.10.4, 13.2.1

COBIT 4.1 (legacy)

DS5.5