>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AU-9(4)Protection Of Audit Information

PBMM (P2)
Secret (P2)
Technical

>Control Description

PROTECTION OF AUDIT INFORMATION | ACCESS BY SUBSET OF PRIVILEGED USERS The organization authorizes access to management of audit functionality to only organization-defined subset of privileged users.

>Supplemental Guidance

Individuals with privileged access to an information system and who are also the subject of an audit by that system, may affect the reliability of audit information by inhibiting audit activities or modifying audit records. This control enhancement requires that privileged access be further defined between audit-related privileges and other privileges, thus limiting the users with audit-related privileges. Related control: AC-5.

Ask AI

Configure your API key to use AI features.