AU-07 Audit Reduction And Report Generation
Audit and Accountability
Low Moderate High
Description
The information system provides an audit reduction and report generation capability.
Supplemental Guidance
Audit reduction, review, and reporting tools support after-the-fact investigations of security incidents without altering original audit records.
Changes from Rev 4
Title changed from 'Audit Reduction and Report Generation' Control text changes to include 'implement' Minor additions to discussion
Compliance Mappings
ISO 27001:2022
7.5A.8.15
ISO 27002:2022
8.15
CIS Controls v8
CIS 8
SOC 2 TSC
CC7.2CC7.3
ISO 42001:2023
A.6.2.8
BSI IT-Grundschutz
OPS.1.1.5
ANSSI
Hygiene.29SecNumCloud.13.7
FINMA Circular 2023/1
IV.C(66)IV.C(67)
OSFI B-13
B-13.3.3
EU GDPR
Art.30(1)Art.5(2)
EU DORA
Art.10(1)
BIO2
8.15
RBI CSF
Annex1.16ITGRCA.15
FISC Security Guidelines
FISC.O11
LGPD + BCB 4893
BCB.Art.20
MLPS 2.0
8.1.5.2
NCA ECC
2-12
UAE IA
T7
CBB TM
TM-12
Qatar NIA
IMOS
CBUAE
CR-3
CBE CSF
CD-1
SA JS2
JS2-7.3
CBN CSF
Part3.5
BoG CISD
CISD-VII
BoM CTRM
4.2
IOSCO Cyber Resilience
DET-1
BCBS 239
Principle 7Principle 9
CPMI-IOSCO PFMI
CG.DE
FFIEC IS
III.BIV.A.4
NYDFS 500
500.6
HIPAA Security Rule
§164.308(a)(1)(ii)(D)§164.312(b)
ECB CROE
CROE.2.4
EBA ICT Guidelines
3.4.5
SEBI CSCRF
DE.AU
BOT Cyber Resilience
Ch3.1
CMMC 2.0
AU
Common Criteria
CC Part 2 — FAU
ISAE 3402
Clause 10
Lloyd's Minimum Standards
MS8.12
NAIC Insurance Data Security
4-audit5
PRA SS1/23
P-IT.2
FCA SYSC 13
SYSC 13.7.5
HITRUST CSF v11
09.g
FDA 21 CFR Part 11
§11.10(e)
ISO 27799
12.4
SEC Custody (Digital Assets)
SEC-CD-15
ISO 17799 (legacy)
10.10.3
COBIT 4.1 (legacy)
None.