>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

5.4Auditing and Accountability

>Control Description

Agencies shall implement audit and accountability controls to increase the probability of authorized users conforming to a prescribed pattern of behavior. Agencies shall carefully assess the inventory of components that compose their information systems to determine which security controls are applicable to the various components. Auditing controls are typically applied to the components of an information system that provide auditing capability (servers, etc.) and would not necessarily be applied to every user-level workstation within the agency. As technology advances, more powerful and diverse functionality can be found in such devices as personal digital assistants and cellular telephones, which may require the application of security controls in accordance with an agency assessment of risk. Refer to Section 5.13.6 for additional audit requirements related to mobile devices used to access CJI.

>Cross-Framework Mappings

SCF

GOV-02
Compare
GOV-03
Compare
MON-01
Compare
MON-01.13
Compare
MON-01.16
Compare
MON-02
Compare
MON-02.1
Compare

Ask AI

Configure your API key to use AI features.