>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AU-6(4)Audit Review, Analysis, And Reporting

PBMM (P2)
Secret (P2)
Technical

>Control Description

AUDIT REVIEW, ANALYSIS, AND REPORTING | CENTRAL REVIEW AND ANALYSIS The information system provides the capability to centrally review and analyze audit records from multiple components within the system.

>Supplemental Guidance

Automated mechanisms for centralized reviews and analyses include, for example, Security Information Management products. Related controls: AU-2, AU-12.

>Tailoring Guidance

While control enhancement (4) specifically mentions the use of a SIM (Security Information Management) product, the use of simpler solutions, such as a syslog server and perl scripts capable of parsing the logs may also suffice, depending on the complexity of the information system (e.g. number of servers and network devices to monitor).

Ask AI

Configure your API key to use AI features.