>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AU-9(5)Protection Of Audit Information

Secret (P2)
Technical

>Control Description

PROTECTION OF AUDIT INFORMATION | DUAL AUTHORIZATION The organization enforces dual authorization for [Selection (one or more): movement; deletion] of organization-defined audit information.

>Supplemental Guidance

Organizations may choose different selection options for different types of audit information. Dual authorization mechanisms require the approval of two authorized individuals in order to execute. Dual authorization may also be known as two person control.

Related controls: AC-3, MP-2.

Ask AI

Configure your API key to use AI features.