>myctrl.tools
GitHub

AU-13Monitoring For Information Disclosure

>Control Description

a. Monitor [Assignment: organization-defined open-source information and/or information sites] [Assignment: organization-defined frequency] for evidence of unauthorized disclosure of organizational information; and b. If an information disclosure is discovered: 1. Notify [Assignment: organization-defined personnel or roles]; and 2. Take the following additional actions: [Assignment: organization-defined additional actions].

>Supplemental Guidance

Unauthorized disclosure of information is a form of data leakage. Open-source information includes social networking sites and code-sharing platforms and repositories. Examples of organizational information include personally identifiable information retained by the organization or proprietary information generated by the organization.

>Related Controls

AC-22
PE-3
PM-12
RA-5
SC-7
SI-20

>Control Enhancements

AU-13(1)
AU-13(2)
AU-13(3)