AU-12(2)—Audit Generation

PBMM (P2)

Secret (P2)

Technical

>Control Description

AUDIT GENERATION | STANDARDIZED FORMATS The information system produces a system-wide (logical or physical) audit trail composed of audit records in a standardized format.

>Supplemental Guidance

Audit information that is normalized to common standards promotes interoperability and exchange of such information between dissimilar devices and information systems. This facilitates production of event information that can be more readily analyzed and correlated. Standard formats for audit records include, for example, system log records and audit records compliant with Common Event Expressions (CEE).

If logging mechanisms within information systems do not conform to standardized formats, systems may convert individual audit records into standardized formats when compiling system-wide audit trails.

>Tailoring Guidance

Although control enhancement (2) specifies the use of a standardized format, this should be changed to read common format. As long as the audit events are sent in a common format understandable by the organization it does not matter whether or not the format adheres to a published standard.

Ask AI

Configure your API key to use AI features.